US Strategy Will Allow Hacking Criminal & Foreign Networks 

The Biden administration is set to unveil a national strategy that for the first time calls for comprehensive cyber security regulation of the nation's critical infrastructure, explicitly recognising that years of a voluntary approach have failed to secure the nation against cyber-attacks.

The 35-page document, titled “National Cybersecurity Strategy,” differs from the dozen or so similar papers signed by presidents in two significant ways: 

 

  • First, it will impose mandatory regulations on a wide range of American industries. 
  • Second, it will authorise US defense, intelligence, and law-enforcement agencies to go on the offensive, hacking into the computer networks of criminals and foreign governments, in retaliation to, or preempting, their attacks on American networks.

“Our goal is to make malicious actors incapable of mounting sustained cyber-enabled campaigns that would threaten the national security or public safety of the United States,” the document states in a five-page section titled “Disrupt and Dismantle Threat Activities,” according to a draft version. 

Under the new strategy, the US will “disrupt and dismantle” hostile networks as part of a persistent, continuous campaign. 

A new national cyber security strategy is certainly a positive development. In theory, increased supervision and participation from the government will keep organisations honest about their cybersecurity efforts and hold them responsible for their security. This should also have the corresponding effect of making organizations more resilient to attacks, which would positively impact larger cyber security issues, like reducing successful ransomware campaigns. This campaign will be co-ordinated by the FBI’s National Cyber Investigations Joint Task Force working in tandem with all relevant US agencies, a systematic collaboration that has rarely been attempted and never before publicised. 

Private companies, both firms that are frequent targets of cyber attacks and firms that specialise in cyber security methods, will be full partners in this effort, both to alert the government task force of intrusions and to help repel them. 

The new  US strategy acknowledges that industry cannot combat cyber threats alone and that this is not achievable without government involvement. A partnership with the government, which comes with additional resources and legal authority, is essential to mitigate risks from sophisticated threat actors and powerful nation-states.

White House:   Slate:    Federal News Network:     Washington Post:     Bloomberg Law:   Corporate Compliance

You Might Also Read: 

US Government Will Invest $15 Billion In National Cyber Security:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Turla Hackers Deliver Andomeda Malware 
Boards Need To Step Up Or Risk Cybersecurity Fines »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Bulb Security

Bulb Security

Whether your internal red team or penetration testing team needs training, or you lack internal resources and need an outsourced penetration test, Bulb Security can help.

Snow Software

Snow Software

Snow Software is changing the way organizations think about their technology investments, empowering IT and business leaders to drive transformation with precision and agility.

Italian Association of Critical Infrastructure Experts (AIIC)

Italian Association of Critical Infrastructure Experts (AIIC)

AIIC acts as a focal point in Italy for expertise on the protection of Critical Infrastructure including ICT networks and cybersecurity.

achelos

achelos

achelos is an independent software development company providing innovative technical solutions for micro-processor chips / security chips and embedded systems in security-critical application fields.

CounterCraft

CounterCraft

The CounterCraft Cyber Deception Platform fits seamlessly into existing security strategies and delivers high-end deception for threat hunting and threat detection.

Aptiv

Aptiv

Aptiv is a global technology company that develops safer, greener and more connected solutions enabling the future of mobility.

Salient Law

Salient Law

Salient Law is a virtual law firm that specialises in advising providers and users of technology on contracts involving technology.

BwCIRT

BwCIRT

BwCIRT is the Computer Incident Response Team (CIRT) for Botswana and provides an official point of contact for dealing with computer security incidents.

Cythereal

Cythereal

Cythereal is the leader in predicting and preventing advanced malware attacks. Security Automation for the Overwhelmed Administrator.

Apex Systems

Apex Systems

Apex Systems is a world-class technology services business that incorporates industry insights and experience to deliver solutions that fulfill our clients’ digital visions.

Applied Connective Technologies

Applied Connective Technologies

Applied Connective is one team for all your technology needs, from IT to phones, cyber security to physical security, audio/video and the infrastructure to support it.

ZainTech

ZainTech

Zaintech is a regional digital & ICT solutions provider offering comprehensive digital solutions and services to enterprise and government customers in the MENA region.

Centum Digital

Centum Digital

Centum Digital provide services, products and solutions specialized in communications engineering, control and signal intelligence.

X-PHY

X-PHY

X-PHY is a pioneering cybersecurity company dedicated to hardware-based cybersecurity solutions that protect data at its core.

Federal Office for the Protection of the Constitution (BfV)

Federal Office for the Protection of the Constitution (BfV)

The Federal Office for the Protection of the Constitution (Bundesamt für Verfassungsschutz - BfV) is the domestic intelligence services of the federal government of Germany.

GlitchSecure

GlitchSecure

GlitchSecure helps companies secure their products and infrastructure through real-time continuous security testing.