Tag Archives: National Cybersecurity Strategy

Staying Ahead of the Bad Guys: Investing in Cybersecurity

Posted on by

Agencies are challenged to move more and more services online, become more transparent, and leverage new streams of data from the Internet of Things (IoT) for better decision making, all while securing the systems and the data they hold. If that is not challenging enough, cyber threats against all of these efforts are continually evolving. A series of strategies and ongoing guidance are helping agencies prioritize work and budget requests to make the most impactful investments in their cybersecurity infrastructure.

The National Cybersecurity Strategy (NCS) provides broad guidance to help position the United States to build a digital ecosystem that is more easily and inherently defensible, resilient, and aligned with its values. Efforts to do so are organized around five pillars:

1) Defend Critical Infrastructure

2) Disrupt and Dismantle Threat Actors

3) Shape Market Forces to Drive Security and Resilience

4) Invest in a Resilient Future

5) Forge International Partnerships to Pursue Shared Goals Continue reading

National Cybersecurity Strategy: Building a More Secure Future

Posted on by

In March, the Biden Administration released the latest guidance aimed at improving the cybersecurity practices of Federal agencies. The National Cybersecurity Strategy builds on the Executive Order for Improving the Nation's Cybersecurity that makes cybersecurity a strategic focus of every agency. This latest guidance drills further into the actions needed to ensure that government systems and citizen data are protected against the ever-evolving threat landscape.

The goal of the strategy is to "rebalance the responsibility to defend cyberspace" and "realign incentives to favor long-term investments." To do this, the responsibility for cybersecurity must be shifted to the organizations that are most capable and best-positioned to reduce risks. It points out that, "a single person's momentary lapse in judgment, use of an outdated password, or errant click on a suspicious link should not have national security consequences." While security is the responsibility of everyone, small businesses, small localities, and individuals simply do not have the resources to support the security needed to protect systems and data. Instead, the guidance proposes new incentives to favor long-term investments in security, resilience, and new technologies. Continue reading