US President Joe Biden signed a memorandum on Tuesday concerning the cybersecurity of the Defense Department and the country’s intelligence agencies, sketching out exactly how an executive order he signed in May 2021 will be implemented.
“This NSM requires that, at minimum, National Security Systems employ the same network cybersecurity measures as those required of federal civilian networks in Executive Order 14028. The NSM builds on the Biden Administration’s work to protect our Nation from sophisticated malicious cyber activity, from both nation-state actors and cybercriminals,” the White House said.
The memorandum goes into detail about how the executive order applies to national security systems and provides timelines for implementing things like multifactor authentication, encryption, cloud technologies, and endpoint detection services.
Within two months of the memorandum, the head of each executive department or agency that owns or operates an NSS is required to update agency plans concerning cloud technology, and within 180 days, agencies need to implement multifactor authentication and encryption for NSS data-at-rest and data-in-transit.
It also forces agencies to “identify their national security systems and report cyber-incidents that occur on them to the National Security Agency.”
The memorandum gives the National Security Agency broad powers to issue binding