Executive Order on Improving the Nation’s Cybersecurity: What it means for you

Submitted by meg - retired on

What is the Executive Order?

The Executive Order on Improving the Nation's Cybersecurity (Executive Order 14028) is an important step forward in protecting Americans from cyber threats. The order, signed by President Biden on May 11, 2021, focuses on strengthening the cybersecurity of the federal government, critical infrastructure, and the private sector.

The order requires federal agencies to adopt and implement a series of measures to improve their cybersecurity. These measures include developing a cybersecurity risk management program, conducting regular risk assessments, and implementing measures to protect against attacks and reduce cyber risk. It also requires agencies to implement multi-factor authentication to better protect against account hijacking, and to use encryption to protect data and communications.

In addition, the order calls for the creation of a Cybersecurity Safety Review Board. This board will be charged with reviewing and assessing the effectiveness of the cybersecurity measures being implemented by the federal government and by critical infrastructure. It will also review cybersecurity incidents that have occurred and make recommendations for improving the nation's cybersecurity posture.

What does this mean for CMS?

The Centers for Medicare & Medicaid Services (CMS) is taking steps to improve its cybersecurity posture, including strengthening its identity and access management, network monitoring and detection, and incident response capabilities. Additionally, CMS is working with its partners to identify areas of improvement and to develop and implement new and enhanced security controls. CMS is also focused on increasing employee awareness of cybersecurity threats and best practices. Finally, CMS is actively engaging with the healthcare industry to ensure that all organizations are taking the necessary steps to safeguard patient health data.

How is ISPG involved? 

ISPG is at the forefront of the efforts to: 

  • Improve incident response practices  
  • Implement new security controls with the adoption of the Acceptable Risk Safeguards (ARS) 5.0
  • Create a culture of cybersecurity awareness through training
Roles
Cyber Risk Advisor (CRA)
Data Guardian
Information System Security Officer (ISSO)
System / Business Owner
System Teams
Resource Type
Articles
Topics
CMS Policy & Guidance
Federal Policy & Guidance
Cover image
Shield of protection
Short Description

Learn about the latest federal cybersecurity guidance from the White House and its application at CMS

ISPG Publisher Team
Policy