White House Cyber Plan Eyes 65 Goals in Implementation Roadmap
The plan is the latest in a series of directives that outline cybersecurity initiatives and responsibilities across 18 federal agencies.
The White House released its anticipated implementation plan of its National Cybersecurity Strategy directing agencies on various cybersecurity actions over the next two years. The initial strategy released March 2023 outlined five pillars that shifted the responsibility of cyber to software developers and served as a preview for its vision in long-term investment in cyber.
The new National Cybersecurity Strategy Implementation Plan released Thursday outlines 65 high-impact initiatives across federal agencies within those pillars. This “first iteration” of the plan is a living document to be updated yearly, according to a White House memo.
“This roadmap charts a path toward a more resilient, equitable and defensible cyberspace,” said Office of the National Cyber Director Acting Director Kemba Walden in tweet.
Some of the highlighted areas within each pillar include increasing use of standards and frameworks, updating the National Cyber Incident Response Plan and modernizing federal systems to remove legacy systems as part of the first pillar of defending critical infrastructure.
Within the second pillar to disrupt and dismantle threat actors, the plan calls for an update to the Defense Department’s cyber strategy, an increase in efforts to defeat ransomware and a call to implement certain standards specifically for infrastructure-as-a-service (IaaS) providers.
In pillar three, which is to shape market forces, the plan outlines factors such as building software bills of materials (SBOMs) and launching an Internet of Things (IoT) security labeling program. It also calls on the Department of Treasury to assess a need for a federal insurance response to support the existing insurance market.
The fourth pillar around investments includes things like promoting more open-source software security, standardizing post-quantum cryptographic algorithms, developing a national strategy to strengthen the cyber workforce through education and driving adoption of cyber security-by-design principles into federal projects.
Finally, the last pillar around international partnerships outlines a call to expand operational law enforcement collaboration, amplify supply chain risk management best practices in critical infrastructure and hold states accountable for cyberspace incidents.
Each initiative has been assigned to 18 agencies with varying deadlines through fiscal year 2025, with some already having been completed — including the White House’s outlined cybersecurity budgetary priorities for agencies.
The Office of the National Cyber Director (ONCD) will help organize efforts under the plan, including submitting an annual report to the president and Congress on the status of implementation, ONCD is also putting together a request for information regarding cybersecurity regulatory harmonization that will be published in the near future.
This is a carousel with manually rotating slides. Use Next and Previous buttons to navigate or jump to a slide with the slide dots
-
Biden's Technology Legacy: Advancing AI, Cybersecurity
Executive orders, memos and policy all strengthened information technology policy in the outgoing administration.
6m read -
ARPA-H Sees Promise in AI with Newest Funding Projects
The agency is tackling initiatives around generative AI and machine learning for research in critical health issues.
-
Looking Back at the First Trump Administration's Tech Priorities
In his first term, Donald Trump supported cybersecurity, space policy and artificial intelligence development.
4m read -
Elevating Cybersecurity in the Intelligence Community
The Intelligence Community is developing strategies to protect data and strengthen resiliency against emerging cyber threats.
30m watch