US Strategy Seeks Greater Industry Responsibility for Ensuring Cybersecurity

The U.S. government has released a new strategy that seeks to increase the role that industry stakeholders have when it comes to cybersecurity.

According to acting National Cyber Director Kemba Walden, the strategy seeks to rebalance cyber risk management by moving the burden of ensuring cybersecurity from “individuals, small businesses and local governments” towards the “biggest, most capable and best positioned actors in our digital ecosystem”.

The strategy requires system owners and technology providers to be responsible for the security and reliability of their offerings, Breaking Defense reported Thursday.

According to the strategy document, the government will use federal purchasing powers and grant-making capabilities to incentivize security. Officials will also ensure that the government focuses on ways to promote cybersecurity practices and keep systems safe.

The strategy zeroes in on five pillars: cybersecurity for critical infrastructure, threat actor disruption, increased responsibilities for key stakeholders, systems resiliency investment, and international partnerships.

The new strategy comes amid the U.S. government’s efforts to improve its cybersecurity posture. In mid-February, the Department of Homeland Security awarded $1 billion to state and local governments to back their information system strengthening efforts.

On international partnerships, DHS Undersecretary for Policy Robert Silvers met with his Israeli counterparts in early February to discuss the inclusion of cybersecurity in the Abraham Accords, a document that focuses on peace and security in the Middle East and around the world. During his meeting with Israeli officials, Silvers said the addition of cybersecurity would allow the U.S. and its partners to work on international critical infrastructure cyber defense and global cyber resilience.