Cybersecurity is one of the most pressing challenges in the 21st century. As cyber threats grow more sophisticated and diverse, countries need a robust and coordinated strategy to defend their interests and values in cyberspace. Which is why the Biden Administration has released its first National Cybersecurity Strategy.
The strategy was crafted by the Office of the National Cyber Director (ONCD), a new agency created by Congress in 2021 to oversee and coordinate federal cybersecurity efforts. The ONCD is headed by Chris Inglis, a former deputy director of the National Security Agency.
The National Cybersecurity Strategy is a comprehensive and ambitious plan reflecting the U.S. government's commitment to protecting the nation's security, democracy, and prosperity in the digital age.
A White House fact sheet says the strategy "seeks to build and enhance collaboration around five pillars," which are:
- Defend critical infrastructure
- Disrupt and dismantle threat actors
- Shape market forces to drive security and resilience
- Invest in a resilient future
- Forge international partnerships to pursue shared goals
To achieve these goals, the strategy proposes several actions and initiatives across government and society. It plans to expand minimum cybersecurity requirements for critical sectors such as energy, transportation, health care, and finance. It also intends to work with Congress to pass new legislation that would give federal agencies more authority and resources to prevent and respond to cyberattacks.
Another key action is to elevate ransomware attacks to a national security threat level. The strategy pledges to use all available tools, including sanctions, indictments, and diplomatic pressure, to disrupt ransomware networks and hold their operators accountable. It also promises to increase support for victims of ransomware attacks and encourage them to report incidents.
Furthermore, the strategy emphasizes the importance of international cooperation on cybersecurity issues. It aims to work with allies and partners to promote responsible state behavior in cyberspace, establish norms and rules of engagement, and impose consequences for malicious cyber activities.
The strategy recognizes that China and Russia are the most prominent cybersecurity threats to the United States, vowing to deter their aggressive actions by imposing costs and exposing their malicious activities. It also acknowledges that there are areas of mutual interest with China and Russia such as combating cybercrime.
Most importantly, the strategy stresses that cybersecurity is a shared responsibility among all stakeholders: government agencies, private sector entities, civil society organizations, academia, media outlets, and individual users. It strives to foster a culture of cybersecurity awareness and education across society. It also commits to invest in research and development to advance innovation and competitiveness in cyberspace.
Landen Brown, a Field CTO at Symmetry Systems, discussed the new national strategy with SecureWorld News:
"With the standup of the National Cyber Strategy Plan, we are starting to see a massive shift in perspective in how critical cybersecurity is becoming, and how intimate our federal cybersecurity goals are with broader national security. This requires a shift in cybersecurity priorities, with a focus on the National Cyber Strategy plan, and on the evolving technology and threat landscapes, to ensure the federal government doesn't continue to suffer from the same legacy problems that have persisted for decades. "
Follow SecureWorld News for more stories related to cybersecurity.