Free cookie consent management tool by TermsFeed Policy Generator White House Publishes Implementation Plan for The US National Cybersecurity Strategy | Hamlyn Williams
White House Publishes Implementation Plan for The US National Cybersecurity Strategy
  • Cyber Security
  • Jul 14 2023

The US National Cybersecurity Strategy has been on our radar for some time as a key driver of change within the industry. We have been proactively offering advice and guidance to companies in preparation for the rollout. On July 13, 2023, The White House published its plan for its implementation.

The National Cybersecurity Strategy Implementation Plan (NCSIP) is designed to provide a clear and transparent roadmap to ensure collaboration between US Federal Government agencies in executing the strategy. This strategy marks a significant shift in prioritizing long-term investments by providing incentives, in addition to restructuring how the US allocates roles and resources within cyber.

The NCSIP details over 65 "high-impact" initiatives, each assigned to a responsible agency with established timelines.

This NCSIP details more than 65 high-impact Federal initiatives, and it's vital that companies understand the impact from a staffing perspective. This is because a large portion of the plan is focused on building a skilled cyber workforce while preserving American jobs.

The key initiatives encompass deliverables such as changing legislation and modernizing technology systems and are based on five pillars:

Pillar One | Defending Critical Infrastructure

This focuses on collaboration between government departments, the private sector, and SLTT partners during a cyber incident. It ensures these non-governmental partners understand the help and support that is available and how to access it in a timely manner. The Cybersecurity and Infrastructure Security Agency (CISA) will lead a process to update the National Cyber Incident Response Plan to more fully realize the policy that "a call to one is a call to all." The update will also include clear guidance to external partners on the roles and capabilities of Federal agencies in incident response and recovery.

Pillar Two | Disrupting and Dismantling Threat Actors

This focuses on combatting ransomware and other cybercrime. The FBI will work with Federal, international, and private sector partners to carry out disruption operations against the ransomware ecosystem. A complementary initiative, led by CISA, will include offering resources such as training, cybersecurity services, technical assessments, pre-attack planning, and incident response to high-risk targets of ransomware, like hospitals and schools. This aims to make them less likely to be affected and to reduce the scale and duration of impacts if they are attacked.

Pillar Three | Shaping Market Forces and Driving Security and Resilience

Increasing software transparency allows market actors to better understand their supply chain risk and hold their vendors accountable for secure development practices.

Pillar Four | Investing in a Resilient Future

Drive key cybersecurity standards by coordinating internationally on cybersecurity standardization and enhance US federal agency participation in the process. NIST will also finish standardizing one or more quantum-resistant public-key cryptographic algorithms.

Pillar Five | Forging International Partnerships to Pursue Shared Goals

The Department of State will publish an International Cyberspace and Digital Policy Strategy that incorporates bilateral and multilateral activities.

The Biden-Harris Administration added that this is "a living document that will be updated annually," however, due to the robustness of the process thus far, we don't expect sweeping changes in the foreseeable future.

Importantly, with minimum cybersecurity requirements cascading across industries, private companies will need to ensure their compliance.

Predicted effects on staffing include:

  • Increased demand for professionals with expertise in vendor risk management and cybersecurity.
  • Increased value of professionals with experience in government or hyper-regulated industries.
  • A new demand for project management and compliance skills within cyber leads.

Recommendations from our team include:

  • Hiring experts well-versed in evolving state and federal privacy laws.
  • Shifting towards risk-based cyber roles implies a need to hire professionals with a proactive cybersecurity mindset.
  • In anticipation of future regulatory changes, invest in personnel capable of developing comprehensive risk management procedures and response plans.

Our team is already proactively assisting businesses in navigating regulatory shifts. If you would like to speak to one of our experts, contact us today.

About the author
Sam Roberts
More blogs
Share
Back to Insights
Similar insights
Top Cyber Security Trends: 2024
Discover more
How companies are dealing with the cybersecurity skills gap
Discover more
We asked an AI chatbot for cyber security career advice and the results were.. unnerving.
Discover more
Building a high performing team: lessons learned from technology recruitment
Discover more
Victoria Doig joins as global Operations Director
Discover more
A website to match our global ambition
Discover more
A world free from bias and discrimination: download our International Women's Day whitepaper
Discover more
American Buisness Women's Day 2021 - Cyber Security Focus
Discover more
Increasing Importance of Industrial Cyber Security
Discover more
The rise of cyber crime
Discover more