The National Cybersecurity Strategy | How the US Government Plans to Protect America

On Thursday, the Biden administration released its long-awaited national cybersecurity strategy, outlining how the US government should approach cybercrime, its own defenses, and the private sector’s responsibility for security over the next several years. The White House says an updated strategy, cohesive across federal agencies, is necessary due to the growing importance of digital services, spurred in part by stay-at-home orders during the Covid-19 pandemic.

At the same time, malicious cyber activity has evolved from a criminal nuisance to a threat to national security, conducted by criminal gangs and nation-states alike. In this post, we explore the details of this plan and how it will protect America’s digital landscape.

Background

The National Cybersecurity Strategy aims to tackle evolving cyber threats and vulnerabilities by creating a unified approach to cybersecurity. The plan seeks to protect the nation’s digital infrastructure from cyber threats by leveraging partnerships with the private sector, other governments, and international organizations to enhance cybersecurity capabilities. More importantly, it sets out to coordinate the diverse resources of the U.S. government so that they operate, ideally, in lockstep, each within its respective authorities and areas of responsibility.

The Current Cybersecurity Landscape

Criminal gangs and nation-states increasingly target US government agencies and critical infrastructure, causing disruption, financial losses, and national security threats. Ransomware attacks, one of the most common types of cyber threats, increased by 300% in 2020, and by 2021 the threat of ransomware had become so severe that CISA and the NSA reported attacks on 14 of the nation’s 16 critical infrastructure sectors. Meanwhile, the DoJ noted that, though they received fewer headlines, 75% of all ransomware attacks were on small businesses, proving that the threat is systemic and affecting society and the economy as a whole.

Phishing, social engineering, and supply chain attacks are increasingly common cyber threats that entail the compromise of sensitive data, theft of login credentials, and loss of system integrity via the introduction of malware, leading to financial loss and reputational damage. Understanding the severity of these threats and developing a comprehensive national cybersecurity strategy that addresses these challenges is essential.

Why Do We Need a National Cybersecurity Strategy?

SentinelOne’s Juan Andres Guerrero-Saade, Senior Director of the company’s threat intelligence and research arm SentinelLabs, explained the necessity and importance of the government’s initiative.

“Security vendors, threat intelligence companies, ISPs, mass distribution platforms, hosting providers, and many other essential services and foundational components seamlessly blend together into what we refer to as the Internet. Each of these stakeholders is attempting to defend their own slice of the proverbial pie. This collective can form a formidable force for good, when empowered to work together with the best intentions. However, there are actions beyond the remit of the private sector, like indictment, prosecutions, and law enforcement activities, victim notifications, and leveraging threat intelligence to protect national infrastructure and critical systems. This is where the government gets to play a clear and necessary role, employing unique authorities and resources.

The National Cybersecurity Strategy sets out a direction to coordinate the alphabet soup of diverse public sector organizations with diverse and overlapping authorities. As we detail below, the strategy is split into five pillars with fairly straightforward intent. We won’t know its practical application until further implementation documents are set down on paper and (importantly) budget is assigned to diverse initiatives and government vessels. That may mean we can’t judge its effectiveness at this time, but it’s worth noting that the stated approach at the heart of this new strategy is one of reshaping market dynamics to incentivize and reward security investment.

There’s a recognition that the free market alone isn’t rewarding security investments and has established a series of dark patterns that perpetuate pervasive and insidious difficulties for user safety. The ethos of the internet is one of radical freedom of information, democratized empowerment, and enabling innovation. But given the current state of our security challenges, even its staunchest supporters would do well to welcome some (well-directed) government intervention in furthering digital safety, shifting liability, and fomenting effective coordination.”

Overview of the National Cybersecurity Strategy

In today’s digital age, cybersecurity is no longer a luxury but a necessity. With every technological advancement, the risks and vulnerabilities to our digital infrastructure continue to increase.

The National Cybersecurity Strategy has five key pillars to safeguard the nation from cyber threats and secure the nation’s critical infrastructure, essential services, and digital ecosystem.

1. Defend Critical Infrastructure

Critical infrastructure provides daily essential services to millions of Americans. The first pillar of the National Cybersecurity Strategy recognizes the importance of protecting this critical infrastructure and outlines a plan to ensure its resilience against cyber threats.

This plan calls for an expansion of minimum cybersecurity requirements in critical sectors, the fostering of public-private collaboration, and modernizing Federal networks and incident response policies.

2. Disrupt and Dismantle Threat Actors

The second pillar aims to effectively combat malicious cyber threats. The United States, the strategy says, must use all instruments of national power to disrupt and dismantle threat actors.

This includes strategically employing all tools of national power, engaging the private sector, and addressing the ransomware threat through a comprehensive Federal approach in lockstep with international partners.

3. Shape Market Forces to Drive Security and Resilience

The digital ecosystem is complex, with various stakeholders responsible for ensuring its security and resilience. The National Cybersecurity Strategy seeks to place responsibility on those within the ecosystem who are best positioned to reduce risk and shift the consequences of poor cybersecurity away from the most vulnerable.

Vital to this effort is promoting privacy and the security of personal data, shifting liability for software products and services, and ensuring that Federal grant programs promote investments in new infrastructure that are secure and resilient.

4. Invest in a Resilient Future

Investing in a resilient future is critical to securing the nation’s digital ecosystem against cyber threats. Investment in cybersecurity has not matched the threats we all face, and both the public and private sectors need to address this investment gap.

The National Cybersecurity Strategy will leverage strategic and public investments in innovation, R&D and education. These will aim to ensure U.S. leadership in technology and innovation while at the same time defending the nation’s intellectual property, electoral processes and national defenses against adversaries and malicious actors. The strategy will focus on developing and deploying emerging and innovative technologies for cybersecurity.

5. Forge International Partnerships to Pursue Shared Goals

Geographic boundaries do not limit cyber threats, and nations must understand that they cannot combat them alone. The fifth pillar of the National Cybersecurity Strategy seeks to forge international partnerships with like-minded nations to counter threats to the digital ecosystem through joint preparedness, response, and cost imposition.

In order to defend the United States’ national interests, it is critical to increase the capacity of partners to defend themselves against cyber threats. The strategy calls for closer cooperation with US allies and partners to build secure, reliable, and trustworthy global supply chains.

Conclusion

SentinelOne supports the new National Cybersecurity Strategy because it aims to address the growing threat of cybercrime and cyberattacks on the nation’s digital infrastructure.

The strategy emphasizes the need for a cohesive approach to cybersecurity across federal agencies, partnerships with the private sector, and international collaboration to enhance cybersecurity capabilities. By coordinating the resources of the U.S. government, the strategy aims to create a more effective defense against cyber threats.

SentinelOne recognizes the importance of this approach and is committed to supporting the implementation of the National Cybersecurity Strategy to protect America’s digital landscape.