{"id":614697,"date":"2023-03-05T08:48:44","date_gmt":"2023-03-05T14:48:44","guid":{"rendered":"https:\/\/news.sellorbuyhomefast.com\/index.php\/2023\/03\/05\/white-house-unveils-national-cybersecurity-strategy\/"},"modified":"2023-03-05T08:48:44","modified_gmt":"2023-03-05T14:48:44","slug":"white-house-unveils-national-cybersecurity-strategy","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2023\/03\/05\/white-house-unveils-national-cybersecurity-strategy\/","title":{"rendered":"White House unveils National Cybersecurity Strategy"},"content":{"rendered":"<div id=\"content-header\">\n<h2>The strategy will focus on ensuring closer collaboration on cyber security between government and industry, while giving software and other tech companies a bigger role in combatting threats due to their resources and expertise <\/h2>\n<\/div>\n<div id=\"content-center\">\n<ul>\n<li><i data-icon=\"1\"><\/i><\/li>\n<li><i data-icon=\"2\"><\/i><\/li>\n<\/ul>\n<div id=\"contributors-block\">\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Sebastian-Klovig-Skelton-CW-contributor.jpg\" alt=\"Sebastian Klovig Skelton\">\n\t\t\t\t\t<\/p>\n<p><span>By<\/span><\/p>\n<ul>\n<li>\n\t\t\t\t\t<a href=\"https:\/\/www.techtarget.com\/contributor\/Sebastian-Klovig-Skelton\">Sebastian Klovig Skelton,<\/a><br \/>\n\t\t\t\t\t\t<span>Senior reporter<\/span>\n\t\t\t\t\t\t<\/li>\n<\/ul>\n<p>\n\tPublished: <span>03 Mar 2023 17:15<\/span>\n<\/p>\n<\/div>\n<section id=\"content-body\">\n<p>The White House has released its National Cybersecurity Strategy, which envisages a much greater role for US software vendors and tech providers in combatting the growing number of cyber threats.<\/p>\n<p>Published 3 March 2023, the <a href=\"https:\/\/www.whitehouse.gov\/wp-content\/uploads\/2023\/03\/National-Cybersecurity-Strategy-2023.pdf\">strategy<\/a> sets out the Biden administration\u2019s plan to make two fundamental shifts in how the US approaches cyber security.<\/p>\n<p>The first shift entails much closer collaboration between government and industry, with the strategy noting that organisations with the requisite expertise and resources should be the ones to shoulder the burden of dealing with cyber threats. \u00a0<\/p>\n<p>\u201cOur collective cyber resilience cannot rely on the constant vigilance of our smallest organisations and individual citizens,\u201d it said. \u201cInstead, across both the public and private sector, we must ask more of the most capable and best-position actors to make our digital ecosystem secure and resilient.\u201d \u00a0<\/p>\n<p>It added this would include various national and federal cyber security bodies or initiatives, as well as a wide range of private actors: \u201cThe federal government [will] also deepen operational and strategic collaboration with software, hardware and managed service providers with the capability to reshape the cyber landscape in favour of greater security and resilience.\u201d<\/p>\n<p><a href=\"https:\/\/www.computerweekly.com\/news\/252500714\/Biden-beefs-up-public-private-security-cooperation\">Biden previously signed an Executive Order in May 2021<\/a> to harden America\u2019s cyber defences, with a big emphasis on public-private partnerships and information sharing, which was described at the time by the administration as \u201cthe first of many ambitious steps\u201d to modernise the US\u2019 cyber defences.<\/p>\n<p>He later signed a <a href=\"https:\/\/www.computerweekly.com\/news\/252514695\/Biden-signs-ransomware-reporting-mandate-into-law\">new cyber security incident reporting mandate into law in March 2022<\/a>, making it a legal requirement for operators of critical national infrastructure to disclose cyber attacks to the US government.<\/p>\n<p>On top of rebalancing the responsibility for defending cyber space, the strategy also aims to realign incentives to favour long-term investment, so that the US can make its cyber space \u201cmore inherently defensible and resilient\u201d in the future.<\/p>\n<p>\u201cWe must ensure that market forces and public programmes alike reward security and resilience, build a robust and diverse cyber workforce, embrace security and resilience by design, strategically coordinate research and development investments in cyber security, and promote the collaborative stewardship of our digital ecosystem,\u201d it said.<\/p>\n<p>To achieve these two \u201cfundamental shifts\u201d in the US cyber security approach, the strategy outlines five pillars: defend critical infrastructure; disrupt and dismantle threat actors; shape market forces to drive security and resilience; invest in a resilient future; and forge international partnerships to pursue shared goals.<\/p>\n<p>In terms of the private sectors role, the White House said on a <a href=\"https:\/\/www.whitehouse.gov\/briefing-room\/statements-releases\/2023\/03\/02\/fact-sheet-biden-harris-administration-announces-national-cybersecurity-strategy\/\">fact sheet<\/a> that these pillars would entail enabling public-private collaboration to work at the necessary speed and scale; engaging the private sector I threat actor disruption activities; and diverting liability for security failures to software companies<\/p>\n<p>It added that, more generally, the White House will work to expand the use of minimum cyber security requirements; modernise federal networks and incident response policies; promote the privacy and security of personal data; and strategically employ \u201call tools of national power\u201d to disrupt adversaries.<\/p>\n<p>The strategy would be implemented by the National Security Council (NSC) in coordination with the Office of Management and Budget (OMB)and the Office of National Cyber Director (ONCD), which will be tasked with making annual reports to the president and congress on the strategy\u2019s efficacy.<\/p>\n<p>Brian Fox, co-founder chief technology officer at software supply chain management company Sonatype, who contributed to the development of the strategy, praised the strategy\u2019s move to ensure vendors have greater liability for cyber security risks.<\/p>\n<p>\u201c<a href=\"https:\/\/www.computerweekly.com\/news\/252510860\/What-is-Log4Shell-and-why-are-we-panicking-about-it\">Log4shell<\/a> was the impetus for calls to action for better software supply chain security by governments worldwide,\u201d he said, adding the strategy is a \u201clandmark moment for the industry\u201d that signals a nuanced understanding of today\u2019s threat landscape.<\/p>\n<p>\u201cMarket forces are leading to a race to the bottom in certain industries, while contract law allows software vendors of all kinds to shield themselves from liability&#8230;the strategy aptly starts by taking away vendors\u2019 ability to disclaim any and all liability, while recognising that even a perfect security process can\u2019t guarantee perfect outcomes.\u201d<\/p>\n<p>He added that the strategy also moves to hold companies that collect massive amounts of information, and then leave that information open to attackers with little recourse, to account.<\/p>\n<p>\u201cWithout regulation changes, the ramifications of these types of breaches can be huge for consumers, while the resulting lawsuits amount to a rounding error and a cost of doing business for these companies,\u201d he said. \u201cChanging the dynamics of accountability is the only way to drive the proper outcomes. But it\u2019s just the beginning of a much larger conversation.\u201d<\/p>\n<p>Michael McPherson, senior vice-president of security operations at ReliaQuest, also welcomed the strategy, saying it \u201caffirms the whole-of-government approach to partner closely with the private sector to impose maximum impact on the adversary\u201d.<\/p>\n<p>\u201cUltimately, the US government wants to degrade the adversary\u2019s ecosystem and impose consequences for their illicit activities,\u201d he added. \u201cAgencies like the FBI will continue to play a leading role in coordinating efforts and driving these disruption operations. While there will be enormous challenges for collaborating with the private sector, this strategy outlines it is imperative to national security.\u201d<\/p>\n<\/section>\n<section id=\"DigDeeperSplash\">\n<h4>\n\t\t\t<i data-icon=\"m\"><\/i>Read more on Business intelligence and analytics<\/h4>\n<ul>\n<li><a id=\"DigDeeperItem-1\" href=\"https:\/\/www.computerweekly.com\/blog\/When-IT-Meets-Politics\/UK-and-US-Strategies-for-Public-Private-co-operation-on-Cyber\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/digdeeper\/1.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/digdeeper\/1_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/digdeeper\/1.jpg 1280w\" alt ><\/p>\n<h5>UK and US Strategies for Public Private co-operation on Cyber<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Philip-Virgo-140px.jpg\" alt=\"PhilipVirgo\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Philip\u00a0Virgo<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-2\" href=\"https:\/\/www.computerweekly.com\/news\/252528053\/Industrial-IoT-focus-of-next-NCSC-startup-challenge\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/industrail-IoT-3-adobe_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/industrail-IoT-3-adobe_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/industrail-IoT-3-adobe.jpg 1280w\" alt ><\/p>\n<h5>Industrial IoT focus of next NCSC startup challenge<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-3\" href=\"https:\/\/www.computerweekly.com\/news\/252527557\/Dutch-national-cyber-security-strategy-aims-to-protect-digital-society\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero Images\/Amsterdam-Netherlands-Benelux-fotolia_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/Amsterdam-Netherlands-Benelux-fotolia_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/Amsterdam-Netherlands-Benelux-fotolia.jpg 1280w\" alt ><\/p>\n<h5>Dutch national cyber security strategy aims to protect digital society<\/h5>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-4\" href=\"https:\/\/www.computerweekly.com\/news\/252527195\/MoD-recruits-Immersive-Labs-to-bolster-cyber-resilience\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero Images\/UK-british-army-union-flag-adobe_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/UK-british-army-union-flag-adobe_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/UK-british-army-union-flag-adobe.jpg 1280w\" alt ><\/p>\n<h5>MoD recruits Immersive Labs to bolster cyber resilience<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<\/ul>\n<\/section>\n<\/div>\n<p><a href=\"https:\/\/www.computerweekly.com\/news\/365532007\/White-House-unveils-National-Cybersecurity-Strategy\" class=\"button purchase\" rel=\"nofollow noopener\" target=\"_blank\">Read More<\/a><br \/>\n Becki Fleishman<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The strategy will focus on ensuring closer collaboration on cyber security between government and industry, while giving software and other tech companies a bigger role in combatting threats due to their resources and expertise By Sebastian Klovig Skelton, Senior reporter Published: 03 Mar 2023 17:15 The White House has released its National Cybersecurity Strategy, which<\/p>\n","protected":false},"author":1,"featured_media":614698,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10,46,9],"tags":[],"class_list":{"0":"post-614697","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-house","8":"category-technology","9":"category-white"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/614697","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=614697"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/614697\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/614698"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=614697"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=614697"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=614697"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}