What to expect from the upcoming national cyber strategy
For decades, Washington policymakers have struggled over meaningfully addressing the collective cybersecurity risks that are brought on by the internet and shared by governments, critical infrastructure, private businesses, and individuals alike. Until recently, many of the efforts to solve these cross-cutting, multi-sector security challenges have been handled through a mix of voluntary cooperation, public-private partnerships and occasional financial enticements to more thoroughly incorporate security considerations into the business process.
But a series of high-profile events — from the 2020 SolarWinds incident to the 2021 Colonial Pipeline, Kaseya and JBS ransomware attacks — marked the beginning of what looks to be a new era in cybersecurity policy, one where the federal government increasingly sheds its reluctance to put hard mandates on businesses where voluntary measures fall short.
That approach, largely implemented by the Biden administration on a piecemeal basis across targeted sectors like oil and gas, pipelines and water over the past year and half, looks set to become official U.S. policy as the White House is expected to roll out its new national cyber strategy this week.
Multiple sources tell SC Media the strategy, developed by the Office of the National Cyber Director, is set to be unveiled as early as this week, with Director Chris Inglis set to step down on the 15th.
Source: SC Media