The “National Cyber Strategy”, released recently by the White House, offers a broad blueprint for America’s approach to cybersecurity. Let’s look its four “pillars”, and their key elements.
1. Protecting the American People, Homeland, and the American Way of Life
Such a broad mandate obviously covers a lot of ground, but some key items to note are the emphasis on risk management (especially supply chain risk management), and – contractors take note – the need to improve contractor security, presumably beyond the 800-171 requirements. The strategy also affects the private sector in its call for incentives, for cybersecurity in general, and for R&D particular.
An interesting component the strategy is Space Cybersecurity, which encompasses such critical systems as positioning, navigation, and timing (PNT) systems; intelligence, surveillance and reconnaissance (ISR); satellite communications; and weather monitoring systems.
On the legal front, we also see a call for greater enforcement of cybersecurity laws, and apprehension of hackers, both in the U.S. and abroad.
2. Promote American Prosperity
The second pillar focuses on business, recognizing the centrality of the Internet to business and commerce. First, it seeks to promote a “vibrant and resilient digital economy”, by incentivizing innovation in cybersecurity. It also calls for increased protections of American intellectual property.
Perhaps the most important element of this pillar is the call for an expanded and improved cybersecurity workforce. Success in this area is critical; workforce woes are a common theme throughout the Federal cybersecurity world.
3. Preserve Peace Through Strength
In some ways, this pillar is a diplomatic initiative, since it calls for cooperation with other countries to improve “universal adherence to Cyber Norms”. Nations that don’t cooperate, however, may have to pay a price. The strategy also urges attribution and deterrence of unacceptable behavior, including actions to “Counter Malign Cyber Influence and Information Operations”, more commonly known as “hack back”. This could prove controversial, as there are many opinions – few of them mild – on the efficacy and wisdom of this approach.
4. Advance American Influence
The fourth and final pillar of the strategy seeks to establish an “Open, Interoperable, Reliable, and Secure Internet”, by working with like-minded nations, creating a “multi-stakeholder model of governance”, and improving overall communications infrastructure.
All four pillars set out noble and worthwhile goals. Cybersecurity, however, is a notoriously knotty problem, so achieving these goals may prove difficult. We have no choice but to try, though. We do this by deploying the market’s best technologies from DLT's technology partners and through continuous innovation and constant improvement.
Want to learn more? Check out this in-depth webinar from DLT, White House Cybersecurity Strategy: The Essence.