On March 1st, 2023, The White House unveiled their new National Cybersecurity Strategy for the United States. The strategy lays out a comprehensive approach to protect the country’s critical infrastructure, networks, and data from cyber threats, including both state-sponsored and criminal hackers.
The strategy includes five pillars:
Defend Critical Infrastructure:
The first pillar of the 2023 Biden-Harris National Cybersecurity Strategy aims to defend critical infrastructure and ensure the availability and resilience of essential services. To achieve this goal, the strategy proposes expanding the use of minimum cybersecurity requirements in critical sectors, harmonizing regulations to reduce the burden of compliance, enabling public-private collaboration to defend critical infrastructure, and modernizing Federal networks while updating Federal incident response policies. The aim is to increase the confidence of American citizens in the security of their critical infrastructure, enhance national security and public safety, and ensure the continuity of essential services.
Disrupt and Dismantle Threat Actors:
The second pillar of the 2023 Biden-Harris National Cybersecurity Strategy aims to prevent malicious cyber actors from threatening the national security and public safety of the United States. The strategy includes the strategic use of all national power tools to disrupt adversaries, engaging the private sector in scalable mechanisms, and addressing the ransomware threat through a comprehensive Federal approach in collaboration with international partners. The goal is to make the US digital ecosystem more secure and resilient against cyber threats.
Shape Market Forces To Drive Security and Resilience:
Within the third pillar, the Biden-Harris National Cybersecurity Strategy aims to shape market forces to enhance security and resilience in the digital ecosystem. The plan aims to promote privacy and security of personal data by placing responsibility on those in the digital ecosystem best positioned to reduce risk. The government intends to shift liability for software products and services to promote secure development practices, ensuring that the consequences of poor cybersecurity are not borne by the most vulnerable.
The plan also aims to ensure that Federal grant programs promote investments in new infrastructure that is secure and resilient. By doing so, the government aims to encourage private sector investment in secure and resilient infrastructure. Overall, the plan aims to make the digital ecosystem more trustworthy by shifting the consequences of poor cybersecurity away from the most vulnerable and promoting investments in secure and resilient infrastructure.
Invest In A Resilient Future:
The following pillar focuses on making strategic investments and coordinating collaborative actions to lead the world in innovation of secure and resilient next-generation technologies and infrastructure. The plan aims to reduce systemic technical vulnerabilities in the foundation of the Internet and across the digital ecosystem while making it more resilient against transnational digital repression. This will be done by prioritizing cybersecurity research and development (R&D) for next-generation technologies, such as post-quantum encryption, digital identity solutions, and clean energy infrastructure.
Moreover, the strategy aims to develop a diverse and robust national cyber workforce by promoting cybersecurity education, training, and workforce development programs. The plan also aims to ensure that government agencies have the necessary talent to carry out their cybersecurity mission effectively. Overall, the plan aims to invest in a resilient future by prioritizing cybersecurity R&D, promoting cybersecurity education and training, and developing a diverse and robust national cyber workforce.
Forge International Partnerships to Pursue Shared Goals:
The fifth pillar of the Biden-Harris National Cybersecurity Strategy seeks to create a world where responsible state behavior in cyberspace is expected and reinforced, while irresponsible behavior is isolated and costly. The strategy seeks to leverage international coalitions and partnerships among like-minded nations to counter threats to our digital ecosystem through joint preparedness, response, and cost imposition. This will involve increasing the capacity of our partners to defend themselves against cyber threats, both in peacetime and in crisis.
The plan also aims to work with our allies and partners to make secure, reliable, and trustworthy global supply chains for information and communications technology (ICT) and operational technology (OT) products and services. This will involve promoting international standards and best practices for cybersecurity and supporting international norms that promote responsible behavior in cyberspace. Overall, the strategy aims to forge international partnerships to pursue shared goals of a secure and resilient digital ecosystem.
Overall, the new Biden-Harris National Cybersecurity Strategy is a comprehensive approach to addressing the growing threat of cyber attacks. By focusing on defending today’s networks, securing tomorrow’s technologies, building resilient communities, and addressing global cyber threats, the strategy aims to ensure that the United States remains safe and secure in the digital age.