Microsoft Azure Blueprint illustrates the clear path to meet the Cybersecurity Executive Order
With the release of the Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, agencies have new requirements to meet and document compliance with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). Agencies have a limited window to document their current risk posture and plans to fully comply with the Executive Order. Additionally, agencies are required by policy to “show preference in their procurement for shared IT services, to the extent permitted by law, including email, cloud, and cybersecurity services.”
Azure Government provides the answer to adhere to both the requirement for using shared services as well as one of the key findings that “Known but unmitigated vulnerabilities are among the highest cybersecurity risks faced by executive departments and agencies (agencies). Known vulnerabilities include using operating systems or hardware beyond the vendor’s support lifecycle, declining to implement a vendor’s security patch, or failing to execute security-specific configuration guidance.” A future blog post will provide further guidance on how Azure Government satisfies this critical need.
Read the entire article here, Azure Blueprint illustrates the clear path to meet the Cybersecurity Executive Order – Azure Government Cloud
via the fine folks at Microsoft