Tech & Sourcing @ Morgan Lewis


As discussed in a post from earlier this week, President Joseph Biden issued an executive order on May 12, 2021 to improve the nation’s cybersecurity. The White House has put its proverbial money where its mouth is by proposing a $58.4 billion information technology spending plan that includes $9.8 billion specifically earmarked for civilian government cybersecurity measures as well as an expedited push towards SaaS and cloud services solutions.

The proposed cybersecurity spending reflects a concerted effort by the Biden-Harris administration to combat ever increasing cyberattacks from foreign governments and other criminal actors that have adversely impacted the nation. Last month, a ransomware attack against a major oil pipeline cut off gasoline supply throughout the East Coast of the United States. More recently, this past weekend the largest beef producer in the United States suffered a ransomware attack that closed all of its facilities within the United States.

Currently, the United States has no cybersecurity regulations for companies other than those functioning in the electric, nuclear, or banking industries, said David White, president of the cyberrisk management company Axio, as reported by the Associated Press in this National Public Radio article. In light of there being no current legislative standards designed to protect critical US infrastructure from cyberattacks the Biden-Harris administration is investing heavily in IT infrastructure to limit future attacks and to create a Cyber Safety Review Board within the White House that can coordinate a unified response to cyberattacks in the future.

President Biden’s budget proposal includes funding to fill skill gaps in the government’s IT and cybersecurity workforce, specifically the Homeland Security Department’s Cybersecurity and Infrastructure Security Agency. Additionally, the spending proposal sets aside $500 million to upgrade old technology systems that are ripe for hacking with increased cybersecurity obligations.

It is clear that modernizing the United States IT systems and further strengthening cybersecurity is a priority of the US government and one can only assume that these efforts will increase in the future. According to a recent article by the Wall Street Journal, it is estimated that roughly half of all federal agencies will have modernized their critical core legacy applications by 2025, in large part by moving towards a greater portion of software and infrastructure to more cost-effect cloud-computing services.