The US government under President Biden has published a new cyber security strategy. The almost 40-page strategy paper is also clearly about making IT companies more responsible and holding them accountable if they are disregarded. But the already successful fight against APT groups and ransomware is also to be intensified.
The Biden-Harris Administration releases the National Cybersecurity Strategy to ensure the full benefits of a secure digital ecosystem for all Americans. In this pivotal decade, the United States seeks to reinvent cyberspace as a tool to achieve its goals in a way that reflects its values: economic security and prosperity; respect for human rights and fundamental freedoms; trust in our democracy and democratic institutions; and a just and diverse society. To achieve this vision, we will fundamentally change how the United States allocates roles, responsibilities, and resources in cyberspace.
Extreme damage to the economy
The first explanation of the new strategy already gives an idea of the importance attached to the topic of cybersecurity. A few years ago, the US government classified ransomware attacks as acts of terrorism in order to be able to use all instruments, such as the FBI. This step was already crowned with success, since in this way the APT groups ReVil, Conti and HIVE could be broken up with the help of other global authorities.
The damage caused by the many attacks and ransomware also adds up to a high billion amount. This economic damage is also only significant in the USA and has also been registered by the US government. The many attacks, for example from Russia, are forcing the USA to adopt new strategies.
Five pillars of the new strategy
- Defend critical infrastructure
- Disrupt and smash threat actors
- Shaping market forces to drive safety and resilience
- Invest in a resilient future
- Forge international partnerships to pursue common goals
With these 5 pillars, the US government wants to increase cyber security for the economy. The 39-page document is difficult in some places, because it also describes the penalties if companies and providers of security software and hardware do not meet the requirements and make it too easy for attackers.
Furthermore, the White House also wants to invest in research in order to better face the upcoming problems, such as post-quantum cryptography.
Editor/sel
Direct to PDF at WhiteHouse.gov