The new National Cyber Strategy from the Biden administration aims to strengthen the nation's cybersecurity and protect against cyber threats. The strategy emphasizes cybersecurity more, with increased regulation, collaboration, and funding for cybersecurity initiatives.
At Security Journey, we help organizations educate developers on secure coding to protect their applications from outsider and insider threats.
In this article, we'll examine the 2023 National Cyber Strategy.
2023 National Cyber Strategy
The 2023 National Cyber Strategy focuses on regulating critical infrastructure sectors and greater collaboration between the government and private sector to strengthen cybersecurity.
The strategy will likely result in greater scrutiny and focus on cybersecurity for all sectors, including application developers, and presents new opportunities for collaboration and funding.
The two fundamental shifts identified in the strategy include:
- Rebalancing the responsibility to defend cyberspace by shifting the burden for cybersecurity away from individuals, small businesses, and local governments and onto the most capable and best-positioned organizations to reduce risks for all of us.
- Realigning incentives to favor long-term investments by striking a careful balance between defending ourselves against urgent threats today and simultaneously strategically planning for and investing in a resilient future.
The strategy builds on five core pillars:
- Defend Critical Infrastructure: Establish minimum standards to secure critical sectors while enabling public-private collaboration and modernizing federal government networks.
- Disrupt and Dismantle Threat Actors: Using all instruments of national power to disrupt adversaries while engaging the private sector and working with global partners to combat ransomware.
- Shape Market Forces to Drive Security and Resilience: Shift responsibility for secure software and services to creators and providers, support data privacy, and establish grant programs in new infrastructure.
- Invest in a Resilient Future: Reduce technical vulnerabilities, build a diverse cyber workforce, and prioritize next-generation cyber research and development.
- Forge International Partnerships to Pursue Shared Goals: Establish global partnerships to combat cybercrimes, help nations defend themselves, and work to develop secure global supply chains.
"Today, across the public and private sectors, we tend to devolve responsibility for cyber risk downwards," Kemba Walden, acting national cyber director, said during a conference call with reporters Wednesday. "We ask individuals, small businesses, and local governments to shoulder a significant burden for defending us all. This isn't just unfair; it's ineffective."
FACT SHEET: Biden-Harris Administration Announces National Cybersecurity Strategy
Why Did The Biden Administration Release The 2023 National Cyber Security Strategy?
Creating the National Cyber Strategy by the Biden administration is a significant step in addressing the growing threat of cyber threats in the US.
The strategy recognizes the importance of collaboration between the government and the private sector and includes various initiatives to enhance cybersecurity across all industries. This is important because cyber attacks can have severe consequences, including financial losses, disruption of critical services, and compromise of sensitive data.
The National Cyber Strategy is designed to provide a comprehensive approach to addressing these threats and promoting innovation in cybersecurity technologies.
The success of the National Cyber Strategy will depend on effective implementation and ongoing adaptation to new and emerging threats. Cyber attacks are constantly evolving, and it is important that the National Cyber Strategy remains flexible and responsive to these changes. The National Cyber Strategy must also address the challenge of balancing security with the need for an open and secure internet, which is essential for promoting innovation and economic growth.
Explained: Executive Order on Improving the Nation's Cybersecurity
What The 2023 National Cyber Security Strategy Means for You
"To be able to 'invest in a resilient future' and ensure this new cyber strategy is a success, technology providers will now have to make securing their applications a priority equal to speed to market. To do so, continuous secure coding training programs for all the members of the SDLC is non-negotiable," says Any Baker, Security Education Evangelist, Security Journey.
The National Cyber Strategy is a positive step in addressing the threat of cyber attacks and protecting the security and prosperity of the United States. It provides a framework for collaboration and innovation in cybersecurity and highlights the importance of a comprehensive approach to addressing cyber threats.
Let's explore how this national strategy could affect you.
Increased Emphasis on Security
The new strategy emphasizes cybersecurity, which means that application developers will need to prioritize security in the development process. This may require additional investment in security measures and testing and a focus on best practices for secure coding.
The strategy focuses on regulating critical infrastructure sectors, including technology companies developing applications. This could mean more regulatory oversight and compliance requirements for application developers.
The strategy focuses on government and private sector collaboration to strengthen cybersecurity. Application developers may be asked to collaborate with the government on cybersecurity initiatives or to share information about potential threats.
The strategy includes increased funding for cybersecurity initiatives through grant programs, which may open up funding opportunities for secure coding training for application developers.
How To Strategize Your Next Steps
While there are no immediate next steps for you or your organization, knowing how this renewed effort could affect your SDLC in the long term is best.
Extensive secure coding training is always a significant first step – more education can't steer you wrong. Talk to our team today if you'd like to learn more about the secure coding training your organization needs.