US President’s Cybersecurity Strategy call for global action

The Biden-Harris Administration has released a new National Cybersecurity Strategy which offers the prospect of US helping other nations with cyber defence

The US government says a rapidly evolving world demands a more intentional, coordinated, and well-resourced approach to cyber defence at the launch of its new National Cybersecurity Strategy.

The revamped US cyber strategy seeks to reimagine cyberspace as a tool that reflects American values, including economic security and prosperity, respect for human rights and fundamental freedoms, trust in democracy and democratic institutions, and an equitable and diverse society.

The US government’s new cyber outlook also calls for international coalitions and partnerships among like-minded nations to counter threats to digital ecosystems and offers the possibility of the US acting to increase the capacity of its partners “to defend themselves against cyber threats, both in peacetime and in crisis”.

Fundamental changes in how the United States allocates roles, responsibilities, and resources in cyberspace will be required, and the plan proposes shifting responsibility for cybersecurity away from individuals, small businesses, and local governments and onto organisations.

“Our world is at an inflection point,” says US President Joe Biden. “That includes our digital world. The steps we take and choices we make today will determine the direction of our world for decades to come. This is particularly true as we develop and enforce rules and norms for conduct in cyberspace."

The plan seeks to enhance collaboration around five pillars:

Defend Critical Infrastructure

The strategy seeks to give the American people confidence in the availability and resilience of critical infrastructure and essential services by expanding the use of minimum cybersecurity requirements in critical sectors. The strategy also aims to harmonise regulations to reduce compliance burden and enable public-private collaboration at the speed and scale to defend critical infrastructure and essential services. Additionally, the strategy seeks to defend and modernise Federal networks while updating Federal incident response policy.

Disrupt and Dismantle Threat Actors

The strategy aims to make malicious cyber actors incapable of threatening the national security or public safety of the United States. This includes strategically employing all tools of national power to disrupt adversaries, engaging the private sector in disruption activities through scalable mechanisms, and addressing the ransomware threat through a comprehensive Federal approach in collaboration with international partners.

Shape Market Forces to Drive Security and Resilience

The government aims to place responsibility on those within the digital ecosystem who are best positioned to reduce risk and shift the consequences of poor cybersecurity away from the most vulnerable. This will be achieved by promoting privacy and the security of personal data, shifting liability for software products and services to promote secure development practices, and ensuring that Federal grant programs promote investments in new infrastructure that are secure and resilient.

Invest in a Resilient Future

Through strategic investments and coordinated, collaborative action, the United States aims to lead the world in the innovation of secure and resilient next-generation technologies and infrastructure. This includes reducing systemic technical vulnerabilities in the foundation of the Internet and across the digital ecosystem, making it more resilient against transnational digital repression, and prioritising cybersecurity research and development for next-generation technologies like postquantum encryption, digital identity solutions, and clean energy infrastructure. Additionally, the United States is committed to developing a diverse and robust national cyber workforce.

Forge International Partnerships to Pursue Shared Goals

The US government says it aims for a world where responsible state behavior in cyberspace is the norm and where the cost of irresponsible behaviour is isolating, as well as expensive. To achieve this, the government plans to leverage international coalitions and partnerships among like-minded nations to address threats to the digital ecosystem through joint preparedness, response, and cost imposition; increase the capability of partners to defend themselves against cyber threats in both peacetime and crisis situations; and collaborate with allies and partners to establish secure, reliable, and trustworthy global supply chains for information and communications technology and operational technology products and services.


Featured Articles

Secure 2024: AI’s impact on cybersecurity with Integrity360

With 2023 seeing increased AI in cybersecurity, and rising cyberattacks, Integrity360 leaders consider what the 2024 cyber landscape will look like

IT and OT security with Ilan Barda, CEO of Radiflow

Cyber Magazine speaks with Radiflow’s CEO, Ilan Barda, about converging IT and OT and how leaders can better protect businesses from cybersecurity threats

QR ‘Quishing’ scams: Do you know the risks?

QR code scams, or Quishing scams, are rising and pose a threat to both private users and businesses as cyberattacks move towards mobile devices

Zero Trust Segmentation with Illumio’s Raghu Nandakumara

Network Security

Is the password dead? Legacy technology prevents the shift

Network Security

Fake Bard AI malware: Google seeks to uncover cybercriminals

Technology & AI