President Biden’s focus on cybersecurity has been present from the get-go and continues to be timely and necessary. In 2021, the White House issued the administration’s cybersecurity strategy, created the Office of the National Cyber Director within his administration to address the issue, and brought together public and private partnerships to address the nation’s security. This administration has evolved their effort to an all-of-government approach. In 2023, they double down and augment the 2021 strategic effort with an enhanced strategy designed to protect the American people, companies, and the nation at large.
White House 2023 – National Cybersecurity Strategy
The Administration is shooting for the moon in 2023, with their National Cybersecurity Strategy, pledging a “reimagined cyberspace” which will effectively be a tool to achieve the goals of the nation. Singled out were, “economic security and prosperity; respect for human rights and fundamental freedoms; trust in our democracy and democratic institutions; and an equitable and diverse society.” This will require fundamental “shifts in how the U.S. allocates roles, responsibilities, and resources in cyberspace.”
In line with the intent of 2021, the White House notes that to defend cyberspace, shifts will be required that the burden for the nation’s cybersecurity must fall on those “most capable and best positioned.” Going into 2023, the Administration recognizes that the current burden on achieving cybersecurity is largely the individual, small businesses, and local governments, thus by ensuring those who are “best positioned” to be resourced, the whole evolves into a more secure cyberspace for the U.S.
In keeping with the all of government approach, “all of the tools of national power” are availed to be used.
Recognizing the complexity of the threat environment and the rate at which “next-generation technologies are reaching maturity,” creates many opportunities for the “state and non-state actors developing and executing novel campaigns to threaten our interests.
In 2021, Biden pledged to break down the barriers to share threat information – this will have to be enhanced and continued in 2023 for the strategic goals to be successful. The Strategy paints a vision of providing a defensible, affordable and effective cyber landscape where errors and incidents are not widespread or have a lasting impact.
Efforts to date include:
- National Security Strategy, Executive Order 14028 (Improving the Nation’s Cybersecurity);
- National Security Memorandum 5 (Improving Cybersecurity for Critical Infrastructure Control Systems);
- M-22-09 (Moving the U.S. Government Toward Zero-Trust Cybersecurity Principles); and
- National Security Memorandum 10 (Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems).
The White House has identified five areas of focus in the 2023 Strategy:
- Defend Critical Infrastructure
- Disrupt and Dismantle Threat Actors
- Shape Market Forces to Drive Security and Resilience
- Invest in a Resilient Future
- Forge International Partnerships to Pursue Shared Goals
Taken together, the U.S. is clearly signaling to its allies that we are in the fight with them. We will share information and the results of technological investments. In addition, the investment in creating an environment within which entities operate with predictable and streamlined processes which reduce the complexity of compliance is a long-awaited goal. Similarly, the interest in shaping the market to produce strong, resilient and secure systems, processes and procedures is long overdue.
Biden cranked up the engine of government, like that of his Corvette and is now hitting the gas, as he pushes the government and industry both to pick up speed and keep the tires on the road.