A few weeks ago, President Obama took the latest step in his Administration’s efforts to bolster cybersecurity defenses by signing a new Executive Order that focuses on improving the security of consumer financial transactions.

Since the unveiling, the bulk of the attention to this new Executive Order has focused on its direction to federal agencies that they begin issuing and using enhanced credit, debit and other payments cards using integrated circuit chips and PINs for citizen transactions. This is a strong step forward for consumer protection and will help reduce fraud where cards are presented for payment.  

Securing online transactions

Less often discussed in the initial reporting on the Executive Order, however, is the requirement that the Administration develop an enhanced strategy to secure online transactions with the federal government using multi-factor authentication. 

CA Technologies supports this new direction and plans to be very engaged with the Administration in the development of this new strategy. My colleague Marty Yam has blogged on the Executive Order recently and expressed our support for the initiative. In the coming days, we will also feature a blog  post about techniques to protect and secure card-not-present transactions.

The role of securing identity in the application economy

From a policy perspective, we’re pleased to see continued focus by the Administration on the strong role that identity plays in the security ecosystem. For too long in Washington and other capitals around the world, perimeter security threats have consumed the focus of policymakers. 

As identity breaches continue to threaten consumers and businesses, governments globally are increasingly recognizing that secure authentication and appropriate access are just as critical to enhanced security as firewalls and end-point security detection tools from the major anti-virus vendors.

Beginning with the rollout of the National Strategy for Trusted Identities in Cyberspace in 2011, the Administration has invested heavily in enhancing identity security. CA Technologies has been closely involved with these efforts as one of the leading identity management vendors in the world.

In the application economy, identity will be both an enabler and protector of the app-driven revolution. Our online interactions require trust and enhanced authentication will enable more secure transactions. 

Planning ahead 

In developing the new strategy, we recommend that the Administration carefully balance a range of technical, cost and usability requirements to craft a plan that enhances security and provides flexibility for agencies that have a wide range of underlying business systems and authentication processes. CA Technologies believes that agencies will need to have flexibility to implement solutions that fit their business needs for the strategy to be successful.  

Many vendors in this space will trumpet that they have a solution that can fit every agency’s needs. But as we’ve learned in other areas of cybersecurity policy, no two entities are the same and the overall framework for advancing security must focus on outcomes and allow organizations to leverage diverse practices to achieve those outcomes.

CA Technologies looks forward to working with the Administration as it develops and implements a strategy that is flexible and secure to meet the diverse needs of transactions conducted with the government.

Image credit: Jeff Krause 

The post What’s less discussed about President Obama’s Cyber Executive Order appeared first on Highlight.