Earlier this year the Biden-Harris Administration released the National Cybersecurity Strategy, a comprehensive plan aimed at fortifying the nation’s digital infrastructure and protecting it from cyber threats. This initiative reflects the importance and urgency of ensuring the security, privacy, and resilience of America’s cyberspace. With the ever-increasing frequency and sophistication of cyberattacks, this strategy serves as a guiding framework to prioritize cyber defenses against existing and emerging threats.
The strategy has five key aims: strengthening critical infrastructure, disrupting threat actor operations, restructuring cybersecurity liability to promote secure coding practices and resiliency, increasing investment in a resilient next-generation technologies, enhancing international cooperation in responding to cyber threats.
Strengthening Critical Infrastructure: Recognizing the critical role of infrastructure in our daily lives, the National Cybersecurity Strategy emphasizes the need to fortify key sectors, including energy, transportation, healthcare, and communications. The plan outlines targeted efforts to enhance the security of these vital systems, leveraging advanced technologies and partnerships between the government, private sector, and international allies. By investing in robust cybersecurity measures, the administration aims to minimize disruptions caused by cyber incidents and ensure the smooth functioning of essential services.
Disrupting threat-actor operations: Already, we have seen significant movement on this arm of the strategy. On June 15th, BleepingComputer reported that a Russian national was arrested and charged by the Department of Justice for allegedly deploying LockBit ransomware on several corporate networks, both U.S. and foreign. One of the largest threats to large organizations in the last few years has been the surging popularity of organized ransomware gangs. The strategy aims to increase the disruption of such criminal syndicates through international cooperation and investment in existing disruption campaigns.
Using Market Forces to Drive Cybersecurity Performance and Resiliency: By shifting the consequences of poor cybersecurity practices away from the people, the plan aims to place the responsibility of mitigating digital risk to those best positioned to do so. In real terms, this means placing more liability for software products and services at the feet of their creators to promote secure development practices and safer data handling processes.
Investing in a Resilient Future: The strategy places great emphasis on new and emerging technology. By upping investments in the development of a skilled cybersecurity workforce, promoting innovation in technology, and collaborating with international partners, the strategy aims to stay ahead of adversaries and effectively respond to cyber incidents. The plan in particular calls out the need to identify and remediate systemic technical vulnerabilities inherent in the foundation of the internet. By fostering a cyber-resilient future, the administration aims to ensure that we increase our defenses against cyberattacks, but also to increase the ease at which we can stand back up again after we get knocked down.
Enhancing International Cooperation: Given the global nature of cyber threats, the National Cybersecurity Strategy places significant emphasis on international cooperation. The administration recognizes the importance of collaborating with like-minded nations to collectively address cybersecurity challenges. By fostering partnerships, sharing threat intelligence, and establishing common standards and norms, the strategy aims to promote a secure and stable cyberspace on a global scale. International collaboration will enable the United States to respond effectively to cyber incidents, disrupt malicious activities, and hold cyber actors accountable.
What does this mean for me?
In the near-term, at least for most of us, the strategy isn’t going to change how we go about our business. But it is important in that it represents the Government’s acknowledgement of an urgent need for a meaningful approach to increase resiliency and accountability. Organizations need not wait, and can take decisive action today through the application of Cybersecurity Performance Management (CPM)™ which provides the requisite visibility for improved resilience.
The unveiling of the National Cybersecurity Strategy by the Biden-Harris Administration represents a significant step towards safeguarding America’s digital future. With its comprehensive approach, the strategy prioritizes critical infrastructure protection, cybersecurity innovation, workforce development, international collaboration, and the preservation of privacy. By implementing this proactive roadmap, the administration aims to strengthen the nation’s resilience against cyber threats, foster innovation, and create a secure digital environment for all Americans. As cyber threats continue to evolve, this strategy provides a direction in which to navigate through the complex landscape of cybersecurity.