- The White House released the new US National Cybersecurity Strategy in March 2023.
- The framework aims to protect critical infrastructure, including hospitals and clean energy facilities, from cyber threats.
- It also aims to increase collaboration with international coalitions and partnerships to counter threats to the digital ecosystem.
The U.S. government continues its efforts to bolster the nation’s cybersecurity prowess and bolster its overall technology governance strategy.
Earlier this month, President Joe Biden released a new National cybersecurity strategywhich outlines the government’s actions to secure cyberspace and create a resilient digital ecosystem that is easier to defend than attack, and that is open and safe for everyone.
“When we pick up our smart phones to keep in touch with our loved ones, we connect to social media to share our ideas with each other, or we connect to the internet to run a business or fulfill one of our basic needs, we need to be able to trust that the underlying digital ecosystem is safe, reliable and secure,” Biden wrote in the framework’s preface.
The strategy is part of a broader effort by the Biden administration to strengthen cyber and technology governance. This included efforts to increase the responsibility of technology companiesenhance privacy protection and ensure fair competition online.
Why does the United States need a national cybersecurity strategy?
The world is increasingly complex and cyber threats are increasingly sophisticated, with ransomware attacks causing billions of dollars in economic losses in the United States. In 2022, the average cost of a ransomware attack was more than $4.5 billion, according to IBM.
The greatest risks we face are interconnected, creating the threat of a “polycrisis,” in which the combined global impact of these events is greater than their individual impact.
This also applies to technological risks, where, for example, attacks on critical information infrastructures could have disastrous consequences for public infrastructure and health, or where growing geopolitical tensions increase the risk of cyberattacks.
Cybercrime and cyber insecurity were observed by risk experts interviewed for the World Economic Forum Global Risks Report as the 8th greatest risk in terms of severity of impact, both in the short term (next two years) and over the next decade.
How cyber crime and cyber insecurity are linked to other global risks.
Image: World Economic Forum Global Risks Report 2023
In 2022, sponsored by the State cyberattacks targeting users in NATO countries increased by 300% compared to 2020, according to Google data.
With cyberattacks on the rise, experts at the World Economic Forum’s annual meeting in Davos predicted that 2023 would be a “busy year” for cyberspace with a “gathering cyber storm”.
“This is a global threat, which calls for a global response and a reinforced and coordinated action,” said Jürgen Stock, secretary general of the International Criminal Police Organization (INTERPOL), in Davos.
The forums Global Cybersecurity Outlook 2023 also found that 93% of cybersecurity experts and 86% of business leaders believe that global instability will negatively impact their ability to provide cybersecurity over the next two years.
Robust cybersecurity is key to harnessing the promise of emerging technologies to enable growth and shared prosperity, while minimizing the perils they pose.
As Biden notes, “Cybersecurity is essential to the basic functioning of our economy, the operation of our critical infrastructure, the strength of our democracy and our democratic institutions, the privacy of our data and communications, and our national defense. .
“We must ensure that the Internet remains open, free, global, interoperable, reliable and secure – rooted in universal values that respect human rights and fundamental freedoms.”
What are the 5 pillars of the national security strategy?
The COVID-19 pandemic has accelerated global digital transformation, meaning we rely on connected devices and digital technology to do more than ever before, putting our lives and livelihoods at greater risk from cyber threats.
The U.S. National Security Strategy recognizes the need to rebalance the burden of cybersecurity responsibility from small businesses and individuals toward public and private organizations best positioned to defend cyberspace through “robust collaboration.”
It also aims to build resilience in cyberspace by balancing the need to address immediate threats, while encouraging investment in the secure, long-term future of the digital ecosystem.
The World Economic Forum Cyber Security Center spurs global action to address systemic cybersecurity challenges and improve digital trust. It is an independent and unbiased platform fostering cybersecurity collaboration across the public and private sectors.
- Salesforce, Fortinet and the Global Cyber Alliance, in partnership with the Forum, offer free and accessible services worldwide training a new generation of cybersecurity experts.
- The Forum, in collaboration with the University of Oxford – Oxford Martin School, Palo Alto Networks, Mastercard, KPMG, Europol, the European Network and Information Security Agency and the National Institute of Standards and Technology of the States United, identifies future global risks related to next generation technology.
- The Forum has improving cyber resilience in aviation while working with Deloitte and over 50 other international companies and organizations.
- The Forum is developing a unique exchange platform for cybersecurity leaders in the electricity industry in collaboration
- The Connected World Council agreed to IoT security requirements for consumer devices to protect them from cyber threats, calling on the world’s largest manufacturers and suppliers to take action for better IoT security.
- The Forum is also a signatory of the Paris Call for Trust and Security in Cyberspace, which aims to ensure digital peace and security.
contact us for more information on how to get involved.
Each of the five pillars it defines is broken down into strategic objectives, but here is a brief overview of what they entail:
1. Defend critical infrastructure
To build confidence in the resilience of US critical infrastructure, regulatory frameworks will establish minimum cybersecurity requirements for critical sectors.
2. Interrupt and Dismantle Threat Actors
Working with the private sector and international partners, the United States will seek to combat the threat of ransomware and disrupt malicious actors.
3. Shaping market forces to foster security and resilience
Grant programs will promote investment in secure infrastructure, while responsibility for secure software products and services will be shifted from the most vulnerable and good privacy practices will be encouraged.
4. Invest in a resilient future
A diverse cyber workforce will be developed and cybersecurity R&D for emerging technologies, including after encryption will be given priority.
5. Forge international partnerships to pursue common goals
The United States will work with allies and partners to counter cyber threats and create reliable and trustworthy supply chains for information and communications technology.
How do the Forum’s cybersecurity efforts support the priorities identified in the US strategy?
In response to the need for global collaborative public-private efforts to address growing cybersecurity challenges, the World Economic Forum launched the Center for Cybersecurity in 2018.
The Centre’s community, which spans more than 150 public and private sector organizations, has identified three main priorities: build resilience, strengthen global cooperation to combat cyber threats, and understand future networks and technologies to build trust.
To build resilience and help protect critical infrastructure against cyberattacks, the Forum brought together stakeholders from the oil, gas and power sectors and developed best practices to address common challenges. These include management responsibility for organizational security and resilience throughout the supply chain, among others.
In addition, the Forum’s Partnership Against Cybercrime initiative has published recommendations for public and private organizations which aim to facilitate dialogue and cooperation in the fight against cybercrime. Building on these recommendations, at the 2023 annual meeting, the Forum – with support from Fortinet, Microsoft, PayPal and Santander – launched the Cybercrime Atlas, an initiative to map cybercriminal activity and identify joint public and private sector responses.
To ensure technologies are more secure and trustworthy, the Forum has also launched a Digital Trust Initiative which focuses on better decision-making around cybersecurity, privacy, human rights and ethics. THE the initiative’s latest report highlights the need for a holistic vision of technological development that protects and supports individual citizens and their rights and values.
The Forum, in partnership with UC Berkeley’s Center for Long-Term Cybersecurity, is also working on Cybersecurity Futures 2030 – a forward-looking scenario planning exercise for inform strategic cybersecurity plans around the globe.
Like the Forum Global Cybersecurity Outlook 2023 notes that cybersecurity is increasingly influencing how and where companies invest, with half of them reassessing the countries with which they do business. The lack of qualified cyber experts is another threat to businesses and societies, according to the report, with key sectors such as energy utilities reporting a 25% gap in critical skills.
The report also provides recommendations on what leaders can do to secure their organizations in the coming year.