The US government has released its National Cybersecurity Strategy, which aims to make critical infrastructure vendors accountable for their cybersecurity efforts and authorizes more aggressive tactics to tackle ransomware attacks and foreign adversaries. President Biden has authorized the document, 35 pages long, on Thursday evening, safeguarding American businesses from cyberattacks.
The government plans to use regulation to level the playing field and shift liability onto organizations that fail to make reasonable precautions to secure their software. It also plans to work with Congress to close legal gaps where there are any. The strategy document assigns work to the FBI’s National Cyber Investigative Joint Task Force, which will work alongside all relevant US agencies and private companies as "full partners" to issue early warnings and help repel cyberattacks. The strategy is divided into five parts:
- Defend Critical Infrastructure
- Disrupt and Dismantle Threat Actors
- Shape Market Forces to Drive Security and Resilience
- Invest in a Resilient Future
- Forge International Partnerships to Pursue Shared Goals
The US government's strategy also includes discouraging the payment of data-extortion ransoms to cybercriminals, arguing that reducing their potential for profit is the most effective way to undermine their motivation. The strategy aims to make malicious actors incapable of mounting sustained cyber-enabled campaigns that could threaten the national security or public safety of the US. In the 35 page document authorized by President Biden, the following is stated: “Disruption campaigns must become so sustained and targeted that criminal cyber activity is rendered unprofitable and foreign government actors engaging in malicious cyber activity no longer see it as an effective means of achieving their goals,”
The government will use its authority to set necessary cybersecurity requirements in critical sectors and work with cloud and internet infrastructure providers to identify malicious use of US-based infrastructure, share reports of malicious use, make it easier for victims to report abuse of these systems, and make it harder for malicious actors to gain access to these resources in the first place.
Furthermore, the US government is considering creating a federal cyber insurance safety net to bring stability to the economy in the event of catastrophic cyber events or major crises.
Other Posts you might be interested in:
Following statements made by the White House in May regarding the dangerous uses of AI, the biggest companies spearheading AI development including Google, Meta, Microsoft, OpenAI and Inflection have agreed on a list of eight voluntary commitments, with the ultimate goal of meliorating safety and usage of AI tools.
Read More
Google Cloud has made its Assured Open Source Software platform free, which provides access to vetted open source software packages. The program includes over 1,000 Java and Python packages and features advanced security testing methods to ensure the packages are safe and reliable for developers to use.
Read More
Amidst the proliferation of AI tools, Google has announced new features that allow users to protect themselves from threats, identify AI-generated images and further protect sensitive data.
Read More