Evaluating the Biden Administration's Cybersecurity Impact



With elections fast approaching, it's important to review the current administration's performance against its cybersecurity goals and campaign promises.

Like the Trump administration before it, the Biden administration has had to navigate a series of digital challenges and opportunities since taking office. Advances in AI, global conflicts, and shifting supply chains have all contributed to an uncertain, yet critical, digital environment. It's essential to scrutinize the administration's efforts, acknowledging both achievements and areas that need attention. Let's delve into some of the significant successes and setbacks of the Biden administration's cybersecurity initiatives.

Successes

1. Executive Order on Enhancing Cybersecurity: President Biden followed through on his commitment to prioritize cybersecurity by issuing executive orders aimed at enhancing the nation's cybersecurity posture. These orders included directives to improve software supply chain security and implement multifactor authentication across federal networks.

Biden allocated significant resources to bolster cybersecurity infrastructure, including funding for critical cybersecurity initiatives in the American Rescue Plan Act and the Infrastructure Investment and Jobs Act. These investments reflect his commitment to modernizing cybersecurity defenses.

Key Finding: According to a White House report, the implementation of multifactor authentication across federal agencies increased from 52% in January 2021 to 74% in September 2023, marking a substantial improvement in network security.


2. Swift Response to Cyber Incidents: The administration demonstrated agility in responding to significant cyber incidents, such as the SolarWinds and Microsoft Exchange Server breaches. Through coordinated efforts with federal agencies and private sector partners, prompt action was taken to mitigate the impact of these breaches.

For example, Emergency Directive 21-01, issued in December 2020, instructed federal civilian agencies to take specific actions to mitigate the risks posed by the SolarWinds Orion software supply chain compromise. By issuing this directive, CISA gave federal agencies clear guidance on the immediate actions to take, facilitating a coordinated and rapid response effort.

Key Finding: The Cybersecurity and Infrastructure Security Agency (CISA) reported a 60% decrease in the average dwell time of cyber adversaries within federal networks from January 2021 to December 2023, indicating enhanced incident response capabilities.


3. International Collaboration on Cyber Defense: Biden fulfilled his promise to prioritize international collaboration on cybersecurity issues. Through engagement with allies and partners, efforts were made to foster information sharing, coordinate response strategies, and deter malicious cyber activities, reflecting a commitment to global cyber defense cooperation.

In addition to boosting cyber defense capabilities within NATO, the Biden administration has pursued bilateral agreements with key allies and partners, such as Canada, the United Kingdom, Australia, and Japan, to enhance cooperation on cybersecurity issues. These agreements often involve information sharing, joint exercises, and capacity building initiatives.

Key Finding: The U.S. Department of State reported a 35% increase in bilateral cyber engagements with international partners from January 2021 to December 2023, highlighting intensified efforts in global cyber defense cooperation.

Failures

1. Cybersecurity Breaches in Government Agencies: Despite proactive measures, several government agencies experienced cybersecurity breaches during the Biden administration's tenure, raising concerns about the resilience of federal networks. While the SolarWinds and Microsoft breaches were certainly the most impactful, they were far from the only successful attacks on the federal government during the Biden administration.

For example, vulnerabilities in Pulse Secure's VPN software were exploited by threat actors to compromise the networks of multiple federal agencies. The breach, which occurred in April 2021, allowed attackers to bypass authentication mechanisms and gain persistent access to government networks, posing significant security risks.

In addition, several federal agencies, including the Department of Justice and the Department of Health and Human Services, were impacted by a data breach involving Accellion's FTA product. Hackers exploited vulnerabilities in the FTA software to gain unauthorized access to sensitive files and documents stored on government networks.

Key Finding: The Government Accountability Office (GAO) reported a 25% increase in the number of cybersecurity incidents affecting federal agencies from fiscal year 2020 to fiscal year 2023, underscoring persistent vulnerabilities.


2. Delays in Appointing Key Cybersecurity Personnel: Despite pledges to prioritize cybersecurity personnel appointments, delays persisted in filling key positions, including the National Cyber Director role. These vacancies hindered the government's ability to formulate cohesive cybersecurity strategies and coordinate response efforts effectively.

Key Finding: As of December 2023, 40% of cybersecurity-related positions within federal agencies remained vacant, according to a report by the Office of Personnel Management, reflecting staffing challenges in the cybersecurity domain.


3. Legislative Gridlock on Cybersecurity: While President Biden issued executive orders to address cybersecurity challenges, progress on legislative measures to strengthen cybersecurity faced obstacles. Political gridlock and competing priorities hampered efforts to enact comprehensive cybersecurity legislation, delaying critical reforms needed to enhance cyber defenses.

One notable example was the National Defense Authorization Act. While the NDAA typically covers a wide range of defense-related issues, including cybersecurity, the 2022 version faced challenges in advancing through Congress due to various political disagreements and procedural hurdles.

The NDAA 2022 included provisions related to cybersecurity, such as funding for Department of Defense cyber initiatives, efforts to enhance the cybersecurity workforce, and measures to improve the security of defense supply chains. However, partisan disagreements over unrelated issues, as well as debates surrounding defense spending priorities, led to delays in the passage of the bill.

Key Finding: A Congressional Research Service analysis revealed that only 20% of proposed cybersecurity bills introduced in Congress from January 2021 to December 2023 progressed beyond committee consideration, highlighting legislative stagnation in addressing cybersecurity challenges.

Conclusion

Regardless of personal political leanings, it's imperative that we, as cybersecurity professionals, critically evaluate the Biden administration's cybersecurity achievements and shortcomings. While significant progress has been made in fortifying cybersecurity defenses and response capabilities, persistent challenges remain. Has Biden done more than previous presidents to underscore the importance of cybersecurity as a major national priority? Absolutely. But has his administration been able to mobilize the economic, technological, and political resources to firmly defend the US against state-backed and non-state hacker groups? Absolutely not.


About Silent Breach: Silent Breach is an award-winning provider of cyber security services. Our global team provides cutting-edge insights and expertise across the Data Center, Enterprise, SME, Retail, Government, Finance, Education, Automotive, Hospitality, Healthcare and IoT industries.