In this post, we’ll highlight the key components of the new National Cybersecurity Strategy, so you can stay informed without getting stuck in the weeds.
On March 2nd, 2023, the Biden-Harris Administration released a fact sheet announcing the National Cybersecurity Strategy, which outlines their vision for securing the nation’s digital infrastructure and ensuring the safety of American citizens online. This strategy addresses the growing number of cyber threats facing the United States, including ransomware attacks, supply chain vulnerabilities, and state-sponsored hacking.
In this post, we’ll highlight the key components of the new National Cybersecurity Strategy, so you can stay informed without getting stuck in the weeds.
5 pillars of the National Cybersecurity Strategy
The National Cybersecurity Strategy consists of five main pillars:
Defend critical infrastructure
Disrupt and dismantle threat actors
Shape market forces to drive security and resilience
Invest in a resilient future
Forge international partnerships to pursue shared goals
The National Cybersecurity Strategy also calls for fundamental shifts in rebalancing the responsibility to defend cyberspace. The digital ecosystem’s most enormous, capable, and best-positioned actors in the public or private sectors can, and should, assume a more significant share of the burden when it comes to mitigating cyber risk.
Strategic objectives of the National Cybersecurity Strategy
The critical strategic objectives include:
Protecting critical infrastructure. This includes efforts to secure the systems and networks that are essential to the functioning of society — such as energy, transportation, and healthcare systems.
Strengthening federal cybersecurity involves enhancing the security of federal networks and systems, improving incident response capabilities, and promoting information sharing between government agencies and the private sector.
Promoting innovation and investment in cybersecurity. This includes efforts to promote research and development in cybersecurity technologies and initiatives to promote security education and workforce development.
Advancing international cooperation on cybersecurity involves collaborating with other nations to address global cybersecurity challenges, promoting cybersecurity norms and standards, and enhancing information sharing and capacity-building efforts.
Key highlights for cybersecurity
The strategy produced some interesting highlights and key points around cybersecurity, including:
Enhance supply chain security. The strategy includes initiatives to improve the security of the supply chains that support critical infrastructure, and federal systems to reduce the risk of cyberattacks and disruptions.
Improve incident response and recovery. The strategy emphasizes the need for effective incident response and recovery capabilities — including increased information sharing, improved threat intelligence, and enhanced coordination between public and private sector entities.
Promote cybersecurity workforce development. The strategy includes initiatives to address the cybersecurity skills gap — such as promoting cybersecurity education and training programs, expanding the cybersecurity workforce, and encouraging diversity and inclusion in the cybersecurity field.
Strengthen partnerships with the private sector. The strategy highlights the private sector’s key role in cybersecurity and includes initiatives to enhance public-private partnerships — such as sharing threat intelligence, promoting best practices, and facilitating joint exercises and simulations.
Overall, the National Cybersecurity Strategy represents a comprehensive approach to addressing the complex and evolving cybersecurity threats facing the United States, and demonstrates the Biden-Harris Administration’s commitment to protecting American citizens in the digital age.
“This rallying cry for developer security is something that should be addressed by companies before rules and penalties are put in place.
Snyk has seen numerous organizations embedding secure software best practices in their development cycles from the start or the initial line of code. They are doing this by empowering their own developers to create secure applications in a seamless and responsible way.*
By integrating and automating secure software development practices into their workflows, they are deploying ways to find, fix, and remediate vulnerabilities in both pre-production and production applications, and as a result, bringing developers, IT, and security teams together as one team.”
- Peter McKay, CEO of Snyk — Cybernews.com
How you can prepare
Snyk can help you prepare for the National Cybersecurity Strategy with our developer first solutions for application security, supply chain security, and cloud security. Embed security in your development pipelines as early as possible to prevent expensive fixes in production. Get started today with a free Snyk account or by booking a demo with one of our security experts.
To learn more about Biden-Harris’s 2023 Strategy, check out **Gartner’s article** on the potential implications of these new regulations.