Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Threat Environment. Show all posts

White House Cybersecurity Strategy warns of "Complex Threat Environment"

 


There was a national cyber-security strategy published by the White House on March 2. It contains a list of threats to U.S. networks terrestrially and in space related to Russian and Chinese hackers. 

"Evolving intelligence" suggests many options could be explored for potential cyberattacks against critical U.S. infrastructure, as President Biden warned on Monday. 

Anne Neuberger, Mr. Biden's deputy national security adviser for cyber and emerging technology, told reporters Monday afternoon that U.S. officials have observed "preparatory work" linked to nation-state actors, despite no evidence of any specific cyberattack threat. The fact that U.S. companies are scanning their websites and hunting for vulnerabilities may indicate an increase in vulnerability-hunting activities. 

On Thursday, the Biden administration released its nationally comprehensive cybersecurity strategy. This provides the steps required to ensure the nation's cyber ecosystem is protected from threats. 

A few key pillars will be emphasized in the strategy as it moves forward. In addition to cyberattacks, these efforts include disrupting and dismantling cyber criminals, establishing international partnerships, and protecting critical infrastructure from cyberattacks. 

The White House will still need to implement Space Policy Directive 5. This was issued by the previous administration in September 2020 and focuses on space systems protection. Although the updated document replaces the Trump administration's 2018 cybersecurity strategy, the White House will continue to implement that strategy. 

It was stated in the strategy that the first pillar will enhance cybersecurity requirements for critical sectors. This will secure critical infrastructure. Public-private partnerships and federal network modernization will also be formed to keep up with cyber security threats. 

It has been interesting to see bipartisan support for several cyber bills that Congress introduced and passed last year aimed at protecting critical infrastructure. These include critical infrastructure in the health and energy sectors. 

Moreover, Kemba Walden suggested that the government should utilize all resources at its disposal, including the military and law enforcement authorities. This will disrupt malicious cyber activity and pursue perpetrators. 

Walden assumed the role of acting director after Chris Inglis resigned due to health reasons. Biden named Inglis as the first director of cyber security for the nation in 2021 following a nomination by Biden. Inglis announced his resignation in mid-February.  

There is a second pillar of the strategy that focuses on disrupting and dismantling cyber criminals, such as nation-state threats.

To protect the country's national security and public safety, the government uses every available resource to "make it harder for them to pose a threat to national security." 

Increasing collaboration and partnership with foreign partners who share the same mission is the third pillar of the strategy. The administration announced today that to counter cyberattacks it will use international coalitions among "like-minded nations." 

SPD 5 was touted as a first step toward developing an accurate and comprehensive security policy for satellites and systems that connect them to the Internet. 

The role that space systems play as vital infrastructure, as well as providers of essential services, has caused experts to warn that a growing number of attacks are being launched against them. 

A major thrust of the National Cybersecurity Strategy is the realignment of incentives so that long-term investments are prioritized. It has been suggested in recent years that the biggest, most capable, and best-positioned actors in the digital ecosystem - whether in the public or private sectors - can and should take on an increased share of the burden to mitigate cyber risk in their respective industries. Public and private sector entities must have the resources, capabilities, and incentives to choose long-term solutions over temporary fixes when faced with trade-offs between short-term fixes and long-term solutions. 

In addition, the United States remains committed to international cyber partnerships. Defendable, resilient, and value-aligned digital ecosystems will be built with allies and partners. Keeping shared interests at the forefront means promoting an environment where all states are expected to behave responsibly in global cyberspace. On the other hand, a person who displays irresponsible behavior is not only a source of cost but also isolation.

A path is outlined in this strategy to ensure our digital future is secure. By implementing it, the administration will lay the foundation for reliable cyberinfrastructure. This will enable it to achieve its infrastructure, clean energy, equity, democracy, and economic opportunity goals. At the most fundamental level, it acknowledges that cyberspace exists not for its own sake but only to be used in pursuit of our highest goals.