Biden administration releases National Cybersecurity Strategy
On March 2, the Biden administration announced the release of its National Cybersecurity Strategy (Strategy) in a continued effort to provide a safe and secure digital ecosystem for Americans. The Strategy, which expands on other steps taken by the administration in this space (covered by InfoBytes here), focuses on several key pillars for building and enhancing collaboration, including:
- Defending critical infrastructure. The Strategy will expand the use of minimum cybersecurity requirements in critical sectors, harmonize regulations to reduce compliance burdens, ensure public-private collaboration is able to defend critical infrastructure and essential services, and defend and modernize federal networks and incident response policies.
- Disrupting and dismantling threat actors. Under the Strategy, tools will be strategically employed to disrupt adversaries, and the private sector will be used to disrupt activities. Ransomware threats will also be addressed through a comprehensive federal approach “in lockstep” with international partners.
- Shaping market forces to drive security and resilience. In an effort “to reduce risk and shift the consequences of poor cybersecurity away from the most vulnerable,” the Strategy proposes to (i) promote privacy and security of personal data; (ii) “[shift] liability for software products and services to promote secure development practices”; and (iii) ensure investments in new infrastructure are supported by federal grant programs.
- Investing in a resilient future. The Strategy promotes coordinated, collaborative actions for reducing systemic technical vulnerabilities across the digital ecosystem and improving resiliency against transnational digital repression. The Strategy also prioritizes cybersecurity research and development for emerging technologies, including postquantum encryption, digital identity solutions, and clean energy infrastructure, and stresses the importance of developing a diverse, robust national cyber workforce.
- Forging international partnerships to pursue shared goals. The Strategy intends to leverage international coalitions and partnerships to counter threats to the digital ecosystem through the use of joint preparedness, response, and cost imposition, which will enable partners to better defend themselves against cyber threats. The U.S. will also work with international partners to create secure, reliable global information and communications technology supply chains and operational technology products and services.
While “next-generation technologies are reaching maturity at an accelerating pace, creating new pathways for innovation while increasing digital interdependencies,” the announcement warned that state and non-state actors are developing and executing campaigns that threaten the digital ecosystem. The Biden administration’s Strategy aims to address those threats.