New Biden Cybersecurity Strategy Assigns Responsibility to Tech Firms

The Biden administration issued a new cybersecurity strategy last week that calls on software makers and American industry to take far greater responsibility to assure that their systems cannot be hacked. It is also accelerating efforts by the Federal Bureau of Investigation and the Defense Department to disrupt the activities of hackers and ransomware groups around the world.

The expected good-faith efforts from companies to voluntarily report intrusions in their systems and regularly patch their programs to fix newly discovered vulnerabilities has failed.

The new National Cybersecurity Strategy concludes that such good-faith efforts are helpful but insufficient in a world of constant attempts by sophisticated hackers, to get into critical government and private networks.  Instead, companies must be required to meet minimum cybersecurity standards, the new strategy contends.

The strategy is a policy document, not an executive order, although it represents a significant shift in attitude toward the “public-private partnerships” that US governments have talked about for years. 

“The fundamental recognition in the strategy is that a voluntary approach to securing” critical infrastructure and networks “is inadequate”, Anne Neuberger, the deputy national security adviser for cyber and emerging technologies, said at an event at the Center for Strategic and International Studies, a Washington think tank.  

- CyberBeat