US Strategy Will Allow Hacking Criminal & Foreign Networks 

The Biden administration is set to unveil a national strategy that for the first time calls for comprehensive cyber security regulation of the nation's critical infrastructure, explicitly recognising that years of a voluntary approach have failed to secure the nation against cyber-attacks.

The 35-page document, titled “National Cybersecurity Strategy,” differs from the dozen or so similar papers signed by presidents in two significant ways: 

 

  • First, it will impose mandatory regulations on a wide range of American industries. 
  • Second, it will authorise US defense, intelligence, and law-enforcement agencies to go on the offensive, hacking into the computer networks of criminals and foreign governments, in retaliation to, or preempting, their attacks on American networks.

“Our goal is to make malicious actors incapable of mounting sustained cyber-enabled campaigns that would threaten the national security or public safety of the United States,” the document states in a five-page section titled “Disrupt and Dismantle Threat Activities,” according to a draft version. 

Under the new strategy, the US will “disrupt and dismantle” hostile networks as part of a persistent, continuous campaign. 

A new national cyber security strategy is certainly a positive development. In theory, increased supervision and participation from the government will keep organisations honest about their cybersecurity efforts and hold them responsible for their security. This should also have the corresponding effect of making organizations more resilient to attacks, which would positively impact larger cyber security issues, like reducing successful ransomware campaigns. This campaign will be co-ordinated by the FBI’s National Cyber Investigations Joint Task Force working in tandem with all relevant US agencies, a systematic collaboration that has rarely been attempted and never before publicised. 

Private companies, both firms that are frequent targets of cyber attacks and firms that specialise in cyber security methods, will be full partners in this effort, both to alert the government task force of intrusions and to help repel them. 

The new  US strategy acknowledges that industry cannot combat cyber threats alone and that this is not achievable without government involvement. A partnership with the government, which comes with additional resources and legal authority, is essential to mitigate risks from sophisticated threat actors and powerful nation-states.

White House:   Slate:    Federal News Network:     Washington Post:     Bloomberg Law:   Corporate Compliance

You Might Also Read: 

US Government Will Invest $15 Billion In National Cyber Security:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Turla Hackers Deliver Andomeda Malware 
Boards Need To Step Up Or Risk Cybersecurity Fines »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Cloud Credential Council (CCC)

Cloud Credential Council (CCC)

The CCC is a leading provider of vendor-neutral certification programs that empower IT and business professionals in their digital transformation journey.

baramundi software

baramundi software

baramundi software AG provides companies and organizations with efficient, secure, and cross-platform management of workstation environments.

Redcentric

Redcentric

Redcentric is a leading UK IT managed services provider. We deliver managed IT, cloud computing, data backup, information security services and managed networks.

Fastpath Solutions

Fastpath Solutions

Fastpath deliver software solutions that enable you to take control of your security, compliance and risk management initiatives.

Emerson Electric Co

Emerson Electric Co

Emerson provides industrial automation systems and associated cybersecurity solutions to protect critical process control systems from cyber attack.

Japan Network Security Association (JNSA)

Japan Network Security Association (JNSA)

JNSA's goal is to promote standardization related to network security and to contribute to greater technological standards in the field.

NordForsk

NordForsk

NordForsk facilitates and provides funding for Nordic research cooperation and research infrastructure. Project areas include digitalisation and digital security.

Cyber Security & Information Systems Information Analysis Center (CSIAC)

Cyber Security & Information Systems Information Analysis Center (CSIAC)

CSIAC is chartered to leverage best practices and expertise from government, industry, and academia on cyber security and information technology.

Avatier

Avatier

Avatier identity management software products automate identity access management, user provisioning and IT governance to ensure information security and compliance.

Cyber Seguridad (Cyberseg)

Cyber Seguridad (Cyberseg)

Cyberseg provides specialized Cybersecurity services, including managed services (SOC / CERTs) and solutions for the protection of critical infrastructures.

ICTSecurity Portal

ICTSecurity Portal

The ICTSecurity Portal is an interministerial initiative in cooperation with the Austrian economy and acts as a central internet portal for topics related to security in the digital world.

Ericom Software

Ericom Software

Ericom is a global leader in securing and connecting the digital workspace, offering solutions that secure browsing, and optimize desktop and application delivery to any device, anywhere.

Nu Quantum

Nu Quantum

Nu Quantum is developing quantum photonics hardware to power the quantum revolution in communications, sensing and computing.

SecureStream Technologies

SecureStream Technologies

SecureStream Technologies have built the IoT SafetyNet - the Network Security Analytics platform to Eliminate Security Threats, Guarantee Privacy, Ensure Compliance, Simply & Easily.

Traceable

Traceable

Traceable was founded to protect applications from next-generation attacks.

Xact IT Solutions

Xact IT Solutions

Xact IT Solutions are a certified cybersecurity firm offering cybersecurity, compliance and managed services.

EGUARDIAN

EGUARDIAN

EGUARDIAN serves as a Value-Added Distributor and technology enabler in the APAC region with the aim of further expanding globally and cater to the needs of the demands with the emerging technology.

Cypherleak

Cypherleak

Cypherleak provide Automated Cyber Risk Monitoring & Ai powered cyber recommendations.