The Biden administration has decided to implement Executive Order (EO) 13984, promulgated during the Trump years with the ponderous title “Taking Additional Steps to Address the National Emergency with Respect to Significant Malicious Cyber-Enabled Activities.” The core of the solution proposed in the EO is to require IaaS providers to verify the identity of their customers. If the customer is identified as a malign foreign actor, the U.S. government would have the broad authority to take special measures, including closing their accounts, preventing them from opening new accounts, or restricting the kinds of products they can access. While the objective is laudable, the approach the EO takes will likely backfire, making it more difficult to defend against threats while having the unintended consequence of harming U.S. industry and consumers. I have written more on this subject here.
Find Archived Articles: