White House Cyber Plan Eyes 65 Goals in Implementation Roadmap
The plan is the latest in a series of directives that outline cybersecurity initiatives and responsibilities across 18 federal agencies.
The White House released its anticipated implementation plan of its National Cybersecurity Strategy directing agencies on various cybersecurity actions over the next two years. The initial strategy released March 2023 outlined five pillars that shifted the responsibility of cyber to software developers and served as a preview for its vision in long-term investment in cyber.
The new National Cybersecurity Strategy Implementation Plan released Thursday outlines 65 high-impact initiatives across federal agencies within those pillars. This “first iteration” of the plan is a living document to be updated yearly, according to a White House memo.
“This roadmap charts a path toward a more resilient, equitable and defensible cyberspace,” said Office of the National Cyber Director Acting Director Kemba Walden in tweet.
Some of the highlighted areas within each pillar include increasing use of standards and frameworks, updating the National Cyber Incident Response Plan and modernizing federal systems to remove legacy systems as part of the first pillar of defending critical infrastructure.
Within the second pillar to disrupt and dismantle threat actors, the plan calls for an update to the Defense Department’s cyber strategy, an increase in efforts to defeat ransomware and a call to implement certain standards specifically for infrastructure-as-a-service (IaaS) providers.
In pillar three, which is to shape market forces, the plan outlines factors such as building software bills of materials (SBOMs) and launching an Internet of Things (IoT) security labeling program. It also calls on the Department of Treasury to assess a need for a federal insurance response to support the existing insurance market.
The fourth pillar around investments includes things like promoting more open-source software security, standardizing post-quantum cryptographic algorithms, developing a national strategy to strengthen the cyber workforce through education and driving adoption of cyber security-by-design principles into federal projects.
Finally, the last pillar around international partnerships outlines a call to expand operational law enforcement collaboration, amplify supply chain risk management best practices in critical infrastructure and hold states accountable for cyberspace incidents.
Each initiative has been assigned to 18 agencies with varying deadlines through fiscal year 2025, with some already having been completed — including the White House’s outlined cybersecurity budgetary priorities for agencies.
The Office of the National Cyber Director (ONCD) will help organize efforts under the plan, including submitting an annual report to the president and Congress on the status of implementation, ONCD is also putting together a request for information regarding cybersecurity regulatory harmonization that will be published in the near future.
This is a carousel with manually rotating slides. Use Next and Previous buttons to navigate or jump to a slide with the slide dots
-
Biden Signs New Tech Executive Orders Before Departing Office
Joe Biden signed two new executive orders this week promoting future cyber and AI priorities before Donald Trump takes office Monday.
5m read -
DODIN Strategy Aims to Outpace Cyber Threats
JFHQ-DODIN Commander Lt. Gen. Paul Stanton says the new "How We Prevail" plan moves from reactive defense to proactive threat mitigation.
4m read -
Preparing for the Future Cyber Landscape
CISA, CFPB and Rubrik discuss how they’re building cybersecurity best practices and developing their workforces to prepare for the future threat landscape and bolster cyber resilience.
30m watch -
Air Force Chief: Modernization Is Critical to Maintaining Superiority
Air Force Secretary Frank Kendall cites AI, automation and cyber resilience as key modernization components to outpace China by 2050.
3m read