On March 2, the White House released a long-awaited National Cybersecurity Strategy which is designed to combat the rising threat of malicious cyber activity we have seen in recent years.
In a fact sheet, the government advises that the plan is intended to “reimagine cyberspace as a tool to achieve our goals in a way that reflects our values: economic security and prosperity; respect for human rights and fundamental freedoms; trust in our democracy and democratic institutions; and an equitable and diverse society.”
The release also states that the strategy recognizes that the government must use all tools of national power in a coordinated manner to protect national security, public safety and economic prosperity.
The vision includes making our digital ecosystem:
- Defensible, where cyber defense is overwhelmingly easier, cheaper, and more effective;
- Resilient, where cyber incidents and errors have little widespread or lasting impact; and,
- Values-aligned, where our most cherished values shape—and are in turn reinforced by— our digital world.
The Cybersecurity Strategy seeks to build and enhance collaboration around five pillars:
Defend Critical Infrastructure
- Expand the use of minimum cybersecurity requirements in critical sectors to ensure national security and public safety and harmonize regulations to reduce the burden of compliance;
- Enable public-private collaboration at the speed and scale necessary to defend critical infrastructure and essential services; and,
- Defend and modernize Federal networks and updating Federal incident response policy.
Disrupt and Dismantle Threat Actors
- Strategically employ all tools of national power to disrupt adversaries;
- Engage the private sector in disruption activities through scalable mechanisms; and,
- Address the ransomware threat through a comprehensive Federal approach and in lockstep with international partners.
Shape Market Forces to Drive Security and Resilience
- Promote privacy and the security of personal data;
- Shift liability for software products and services to promote secure development practices; and,
- Ensure that Federal grant programs promote investments in new infrastructure that are secure and resilient.
Invest in a Resilient Future
- Reduce systemic technical vulnerabilities in the foundation of the Internet and across the digital ecosystem while making it more resilient against transnational digital repression;
- Prioritize cybersecurity R&D for next-generation technologies such as post quantum encryption, digital identity solutions and clean energy infrastructure; and,
- Develop a diverse and robust national cyber workforce.
Forge International Partnerships to Pursue Shared Goals
- Leverage international coalitions and partnerships among like-minded nations to counter threats to the digital ecosystem through joint preparedness, response and cost imposition;
- Increase the capacity of partners to defend themselves against cyber threats, both in peacetime and in crisis; and,
- Work with allies and partners to make secure, reliable and trustworthy global supply chains for information and communications technology and operational technology products and services.