Recognizing the significant threat posed by state cyber actors in China, Russia, Iran and North Korea and other countries, as well as a deepening digital dependency on a global scale, the Biden administration today released a national cybersecurity strategy. Significantly, the strategy calls for federal regulation of vulnerable critical infrastructure firms and for software makers to be held liable when their products leave gaping holes for hackers to exploit.
The strategy is organized around five pillars: defending critical infrastructure; disrupting and dismantling threat actors; shaping market forces to drive security and resilience; investing in a resilient future; and forging international partnerships to pursue shared goals. It calls on agencies to identify “gaps in authorities to drive better cybersecurity practices in the cloud computing industry and for other essential third-party services, and work with industry, Congress and regulators to close them.”
Among other things, the strategy will seek to harmonize and streamline new and existing regulations and will continue to rely on agencies like the Treasury Department and Department of Homeland Security to manage cyber risks in critical infrastructure sectors.
ABA will continue to engage with the White House, Treasury Department, Department of Homeland Security and the National Institute for Standards and Technology in shaping the implementation of the strategy to ensure it addresses key concerns of ABA members. The association will continue to advocate for harmonizing regulatory requirements, incorporating the NIST Cybersecurity Framework, addressing challenges in cloud computing adoption and defending the financial services sector from malicious actors.