White House Cybersecurity Strategy Turns to Regulation

The White House has released a National Cybersecurity Strategy calling for comprehensive regulation of the nation’s critical services, with a 38-page blueprint stating that reliance on voluntary cybersecurity measures will follow a surge in ransomware attacks. I admit that I was not able to prevent billions of dollars in economic losses. as “poor and inconsistent results” across critical infrastructure such as energy pipelines, food companies, schools and hospitals.

A new framework led by the Office of the Director of National Cyber ​​Affairs at the White House called on China, Russia, Iran and North Korea to adopt aggressive cyber tactics demonstrating a “reckless disregard for the rule of law” and ramping up ransomware attacks. ing. 2021 Russia-related Offensive in the Colonial Pipelineon national security issues.

“There is an obligation for governments to double down on the tools that only governments can use, including law enforcement and military authorities, to thwart malicious cyber activity and track down perpetrators,” said a press conference this week.

A senior government official previewing the plan noted that “the criminal justice system alone will not be able to address this issue,” and that the Biden administration will adopt “other elements of national power,” including sanctions and “rewards for justice.” Then added: Products that hinder cybercriminal activity.

“I want to shrink the surface of the earth [in which] People can engage in malicious cyber activity without committing a crime — to put pressure on them and make their lives a little more enjoyable. yeah. ”

However, according to the White House strategy, “currently, it is China that poses the broadest, most active, and most persistent threat to both government and private sector networks, and that China is the most and the economic, diplomatic, military, and technological strength to do so.”

China’s growing cyber capabilities, along with growing concerns about hijacking US telecommunications, mass-polluting US waterways, or targeting the US power grid, have sparked ominous warnings from US officials.

“If China were to invade Taiwan, the attack on our critical infrastructure would unfortunately not be overstated,” said CISA Director Jen Yasley. said on monday.

Deputy National Security Advisor Anne Neuberger said: “Recently, we’ve seen cyber threats at the forefront of the geopolitical crisis as the war in Ukraine hits a year old. The United States has previously rebounded It opposed Iran’s intelligence services following attacks on government networks in NATO member Albania.

The prospect of a looming cyber-attack threat against U.S. critical infrastructure has prompted the Biden administration to move beyond traditional, voluntary means of information sharing and public-private partnerships to “level the playing field” in critical sectors. Motivated to impose internal regulations.

Officials say the U.S. 10-year cybersecurity roadmap will help shift the burden of cyber risk away from consumers and “will keep companies out of the race to curb competitors’ cybersecurity spending.” Emphasize that it will help you to

But the Biden administration has already begun mandating cybersecurity to strengthen it. oil and gas pipelines, rail, aviation. Officials previewed plans by the Environmental Protection Agency (EPA) to issue regulations for the water sector. 2021 investigation The Water Sector Coordinating Council found that half of 606 beverage and wastewater organizations spend less than 5% of their budget on IT security.

“While recognizing that even state-of-the-art software security programs cannot prevent all vulnerabilities, we must shift the blame to entities that do not take reasonable precautions to protect their software. No,” said Strategy.

“All Americans should be able to benefit from cyberspace,” Walden said. “But not all Americans should have the same responsibility for keeping it safe. Congress has previously passed law In the event of a large-scale cyberattack, critical infrastructure owners and operators must report it to the federal government within 72 hours.

According to the strategy, “where federal departments and agencies have gaps in their statutory powers to implement minimum cybersecurity requirements or mitigate related market failures, the administration will work with Congress to fill them in.”

White House officials plan to roll out a corresponding “implementation plan” in the coming months to help implement the newly crafted strategy.

The document, to be signed by the president soon, comes on the heels of a major cyber incident involving a large-scale ransomware attack. World’s largest meat supplierand numerous ransomware attacks targeting the United States school and hospital.

More recently, the U.S. Marshals Service Large-scale cyberattack uncovered Some of the most sensitive information has been compromised, including law enforcement materials, personal information of employees and potential investigators.

National Cyber ​​Director Chris Inglis stepped down last month after almost two years at the head of the agency responsible for coordinating a patchwork of agencies and offices tasked with protecting the nation’s critical infrastructure. bottom. President Biden has yet to name a successor. White House Cybersecurity Strategy Turns to Regulation

Related Articles

Back to top button