On Thursday, the White House revealed the National Cyber Strategy of the United States, which sets out long-term objectives for promoting secure practices among individuals, governments, and corporations in the digital space.
The plan entails compelling computer and software companies to create safer products by exerting more pressure on them to conduct extensive testing and reducing the number of exploitable loopholes when they release their products to the market.
Kemba Walden, the national cyber policy director, stated that the strategy is a fundamental rethink of the US's cyber security contract and balances responsibility for managing security risks. The plan has five pillars:
- Reinforcing the protection of critical infrastructure.
- Identifying and neutralizing malicious actors.
- Promoting market forces that enhance security and resilience.
- Investing in long-term resilience.
- Fostering international collaborations that serve common objectives.
The US government has taken a more robust stance in response to the increasing number of severe cyberattacks. The 2021 ransomware attack on Colonial Pipeline, the nation's largest oil pipeline operator, and the Solar Winds attack on federal government agencies from 2019-2020 are notable examples.
In these incidents, attackers exploited security flaws in corporate computer systems to gain access to many customers.
Previous cybersecurity approaches by the government focused on voluntary information-sharing practices for state and private firms. Although the Biden administration aims to enhance collaboration with the private sector, this is the first comprehensive and aggressive effort toward cybersecurity regulation.
In addition, the strategy seeks to treat ransomware threats as national security problems rather than just criminal activities in the future.
The White House will implement the strategy without a national cyber director following Christopher Inglis's resignation in mid-February from the National Cyber Director's Office created by Congress in 2021. Instead, Kemba Walden, the deputy, will act as the national cyber director until a new leader is appointed. The director's duties involve coordinating agencies responsible for safeguarding the nation's digital infrastructure and collaborating with industry players.