New National Cybersecurity Strategy Announced
Estimated read time: 3 minutes
The persistent threat of an attack by cybercriminals has prompted many businesses and organizations to increase cybersecurity investments and protections. The evolving sophistication of cyber-attacks combined with unoptimized cybersecurity programs continues to leave many exposed to bad actors. The potential cost of a data breach in a small business can range between $100,000 to well over $1M and is driven by monetary theft, remediation efforts, compliance fines, public relations fees, notification costs, and even an increase in insurance premiums. This range does not include the intangible cost of damages to the company’s brand and the potential loss of future business opportunities. In other words, an effective cybersecurity program is a critical component of corporate risk management.
On March 2, 2023, the Biden Administration published the National Cybersecurity Strategy (NCS). The comprehensive approach explains how the federal government will facilitate a secure and safe digital ecosystem for American families, individuals, and businesses. Previously, the responsibility to protect technology has been left to the private sector, but the paradigm has shifted. The federal government will now be involved in facilitating a stronger cybersecurity posture. This shift is important because the government’s involvement will undoubtedly benefit companies of all sizes. To help clients, prospects, and others, JLK Rosenberger has summarized the key details below.
National Cybersecurity – Five Pillars
The strategy is designed to build and enhance collaboration around five pillars, including:
- Critical Infrastructure Defense – This pillar provides confidence in the availability and resilience of critical infrastructure and services. It will be accomplished by expanding the use of minimum cybersecurity requirements in critical sectors (national security and public safety), encouraging public-private collaboration at the speed necessary to ensure adequate defenses, and focusing on modernizing federal government networks and incident response policies.
- Disrupt & Dismantle Threat Actors – This pillar focuses on rendering malicious cyber actors incapable of threatening national security or public safety. It will be accomplished by deploying all tools of national power to disrupt adversaries, empowering the private sector in disruption activities through scalable tools, and addressing the ransomware threat through a comprehensive federal approach designed in collaboration with international partners.
- Influence Market Forces to Enhance Security – This pillar is focused on placing responsibility on those within the digital ecosystem best suited to reduce the risk of poor cybersecurity away from the most vulnerable. It will be accomplished by promoting privacy and personal data security, shifting liability for software products to promote secure development practices, and ensuring federal grant programs promote investment in new, secure, resilient infrastructure.
- Resilient Future Investments – Through strategic investments and collaborative action, the nation will continue to lead the world in innovation and next-gen technology development. This will be accomplished by reducing systemic technical vulnerabilities, prioritizing cybersecurity research and development (R&D) for next-gen technologies (postquantum encryption), and developing a robust national cybersecurity workforce.
- Facilitate Global Partnerships – The goal is to facilitate responsible state behavior in cyberspace and make irresponsible behavior costly. This will be accomplished by creating international coalitions to counter cyber threats, increasing the capacity to defend against cyber threats in peacetime and during a crisis, and working with allies to secure a reliable and trustworthy global supply chain for information and communications technology products and services.
Federal Cybersecurity Spending
The ambitious goals outlined in the new strategy are reinforced by significant government investments outlined in the Budget of the U.S. Government – Fiscal Year 2024. This includes a total allocation of $26.2B for cybersecurity programs, including $12.7B for civilian agencies and $13.5B for military operations allocated to the Pentagon. These numbers reflect continued support and expansion of federal government efforts to enhance cybersecurity protections.
Biden’s NCS offers a roadmap for a strategic cyber policy at a national level, and its downstream impact on small and medium-sized businesses cannot be ignored. Companies catering to critical infrastructures, including manufacturing and construction industries, may be required to comply with unanticipated compliance requirements. If not properly planned, the cost to remediate IT programs can impact bottom-line revenue. On the other hand, the NCS does present itself as a business opportunity and may enable organizations to leverage it as a business advantage.
We’re Here to Help
The National Cybersecurity Strategy is a necessary step to secure the nation’s digital infrastructure. In time, it will provide companies and organizations with access to increased protection through a well-trained cybersecurity workforce with access to advanced tactics, tools, and programs. If you have questions about the information outlined above or need assistance with a cybersecurity concern, JLK Rosenberger can help. For additional information, call 818-334-8626 or click here to contact us. We look forward to speaking with you soon.