Table of Contents
Global cyber threats are growing. In response, the White House issued a new executive order to strengthen the nation’s cybersecurity. The order demands improved network visibility.
What does this mean? And why is network visibility important?
This post examines why the executive order demands better network visibility and how this works in practice with Lumu.
What Does the Executive Order Say?
Executive Orders guide federal agencies without creating new legislation. They are significant because federal agencies manage everything from national security, to economic policy, to public health.
In June of 2025, an executive order was issued: Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity. It amends a previous cybersecurity executive order from the outgoing presidency, earlier in 2025: Strengthening and Promoting Innovation in the Nation’s Cybersecurity.
Both executive orders are clear. They ask the Federal Government to set up security practices to improve threat visibility across networks and strengthen cloud security:
“The Federal Government must adopt proven security practices from industry — to include in identity and access management — in order to improve visibility of security threats across networks and strengthen cloud security.”
“Agencies’ policies must align investments and priorities to improve network visibility and security controls to reduce cyber risks.”
Agencies are also required to issue guidance to:
“address critical risks and adapt modern practices and architectures across Federal information systems and networks.”
This order directly applies to federal organizations. Its effects, however, will reach state and local governments and organizations that interact with government agencies. It is also a wake-up call for any private organization that has not prioritized network visibility.
Note that, for example, critical infrastructure security is a shared responsibility across all levels of government (federal, state, and local) and the private sector. The federal government plays a coordinating role through the Department of Homeland Security and its Cybersecurity and Infrastructure Security Agency (CISA).
Why Is Network Visibility Important?
Network visibility gives you a clear, real-time view of all network activity. It shows who and what is on your network and how they communicate. This turns raw data into intelligence so that your team can make better security decisions.
For complex networks, such as those in government agencies, network visibility is essential. They are prime targets for nation-state actors, who want to cause disruption, and for criminals, who might use infostealers and ransomware for financial gain. Attackers are constantly finding new ways to bypass endpoint defenses, and security teams need to be able to spot them if they use the network.
Traditional security measures might not work for critical infrastructure or networks with Internet of Things (IoT) integrations. For some devices, endpoint protection might be difficult, or impossible, to install. This makes network visibility especially important.
Operational Technology
Operating Technology, or OT, is the hardware and software that controls physical systems in industry and critical infrastructure. Here, network visibility prevents physical damage, like power outages or safety failures.
Visibility allows you to monitor for malicious traffic without touching delicate endpoints. It can also spot intruders moving from IT networks into the OT
Internet of Things
Operating with blind spots is not an option — and often devices connected to the network, such as cameras or printers, can be difficult for a defender to see. Network visibility is the essential foundation for managing these devices.
Risks from the IoT range from data breaches to endangering public safety.
Hundreds of noisy IoT devices can quickly overwhelm a network if not managed properly. Visibility allows you to establish a baseline of normal behavior for each IoT device. When a device deviates from that baseline, that can be flagged.
Cloud Security
Government agencies, just as all organizations, increasingly use the cloud. Much of the data stored there can be sensitive. Network visibility improves cloud security by eliminating dangerous blind spots.
Visualizing traffic flows helps detect odd behavior, unauthorized movement, and hidden threats. This clear view is key for rapid incident response. It makes the cloud manageable and secure, stopping small problems from becoming major breaches.
How Cybersecurity Tools Provide Network Visibility
Modern tools create a clear picture from chaotic network data. They analyze traffic to find hidden threats.
Lumu Defender is a Network Detection and Response, or NDR, tool. It uses a multi-layered model to find and respond to threats in real time. Its AI combines data analysis, threat intelligence, and behavioral analytics to find active compromises.
Combining Threat Intelligence With Network Visibility
Lumu analyzes vast network metadata. This includes things like DNS queries and firewall logs. This provides a full picture of network activity.
Lumu compares this metadata against its large, updated threat database. Lumu’s research team provides context-rich alerts that go beyond simple anomaly detection. This step helps you quickly identify known threats.
Lumu also integrates with existing security tools. This is an efficient way to maximize your current technology investment — it ensures that all alerts appear in one place, so nothing slips through.
Combining AI With Network Visibility
Artificial intelligence (AI) is now an essential part of any cyber defense. This is especially true in network visibility.
The executive order says:
“Artificial intelligence (AI) has the potential to transform cyber defense by rapidly identifying vulnerabilities, increasing the scale of threat detection techniques, and automating cyber defense.”
How does this work in action?
AI-Powered Anomaly and Behavior Analysis
To understand what is happening on a network you must spot anomalies and unusual behavior. AI and machine learning do this at speed.
AI allows Lumu to go beyond known threats. It uses machine learning to uncover new, complex attacks that might not be seen by conventional means. This can include zero-day threats and endpoint defense evasion techniques that have bypassed your first line of defense.
It works by setting a baseline for normal network behavior. It then flags any deviation. This is effective against ransomware, insider threats, and other attacks without a known signature.
Autonomous Incident Management and Response
Network visibility is important, it gives your team the information they need. However, if the team can’t act on that info, it’s as good as useless.
For a small team with a heavy workload, too much information is overwhelming. Alert fatigue can set in. Network defenses must work autonomously.
Lumu Autopilot is an AI tool that manages incidents. It analyzes alerts, then decides to monitor, mute, close, or escalate it. This frees up your security team to focus on critical issues. The result is a faster, more efficient response.
Strengthen Your Network Visibility
Every organization’s IT setup is different. Devices and security tools vary. But whoever the attacker and whatever their objective, they must use the network.
The White House executive order sends a clear signal. Prioritizing network visibility and AI protects your data and infrastructure. It confirms that visibility is essential for modern security.
To get started with network visibility, open a Lumu Free account.
