US Strategy Will Allow Hacking Criminal & Foreign Networks 

The Biden administration is set to unveil a national strategy that for the first time calls for comprehensive cyber security regulation of the nation's critical infrastructure, explicitly recognising that years of a voluntary approach have failed to secure the nation against cyber-attacks.

The 35-page document, titled “National Cybersecurity Strategy,” differs from the dozen or so similar papers signed by presidents in two significant ways: 

 

  • First, it will impose mandatory regulations on a wide range of American industries. 
  • Second, it will authorise US defense, intelligence, and law-enforcement agencies to go on the offensive, hacking into the computer networks of criminals and foreign governments, in retaliation to, or preempting, their attacks on American networks.

“Our goal is to make malicious actors incapable of mounting sustained cyber-enabled campaigns that would threaten the national security or public safety of the United States,” the document states in a five-page section titled “Disrupt and Dismantle Threat Activities,” according to a draft version. 

Under the new strategy, the US will “disrupt and dismantle” hostile networks as part of a persistent, continuous campaign. 

A new national cyber security strategy is certainly a positive development. In theory, increased supervision and participation from the government will keep organisations honest about their cybersecurity efforts and hold them responsible for their security. This should also have the corresponding effect of making organizations more resilient to attacks, which would positively impact larger cyber security issues, like reducing successful ransomware campaigns. This campaign will be co-ordinated by the FBI’s National Cyber Investigations Joint Task Force working in tandem with all relevant US agencies, a systematic collaboration that has rarely been attempted and never before publicised. 

Private companies, both firms that are frequent targets of cyber attacks and firms that specialise in cyber security methods, will be full partners in this effort, both to alert the government task force of intrusions and to help repel them. 

The new  US strategy acknowledges that industry cannot combat cyber threats alone and that this is not achievable without government involvement. A partnership with the government, which comes with additional resources and legal authority, is essential to mitigate risks from sophisticated threat actors and powerful nation-states.

White House:   Slate:    Federal News Network:     Washington Post:     Bloomberg Law:   Corporate Compliance

You Might Also Read: 

US Government Will Invest $15 Billion In National Cyber Security:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Turla Hackers Deliver Andomeda Malware 
Boards Need To Step Up Or Risk Cybersecurity Fines »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Armor

Armor

Armor provide managed cloud security solutions for public, private, hybrid or on-premise cloud environments.

GrammaTech

GrammaTech

GrammaTech is a leading developer of software-assurance tools and advanced cyber-security solutions.

Qualitèsoft Technology

Qualitèsoft Technology

Qualitèsoft Technology is a leading Software Development and Quality Assurance organization. We specialize in Custom Development, Mobile Application, Software Testing and Quality Assurance.

EclecticIQ

EclecticIQ

EclecticIQ is a global provider of threat intelligence, hunting and response technology and services.

Gatewatcher

Gatewatcher

Gatewatcher is a digital breach detection platform targeting crafted attacks and protecting organizations against advanced cyber threats.

Torsion Information Security

Torsion Information Security

Torsion is an innovative information security and compliance engine, which runs either in the cloud or your data centre.

limes datentechnik

limes datentechnik

limes datentechnik is an authority in the fields of cryptography and data compression. The FLAM product family is an internationally accepted standard for efficient and safe handling of data.

Halcyon Knights

Halcyon Knights

Halcyon Knights is a specialist executive search and IT recruitment agency in the APAC region. Areas of specialisation include cybersecurity.

Hallam-ICS

Hallam-ICS

Hallam-ICS designs MEP systems for facilities and plants, control and automation solutions, and ensures safety and regulatory compliance.

ThriveDX

ThriveDX

ThriveDX, the world’s premier EdTech provider (formerly HackerU), champions digital transformation training as a means of empowering individuals to thrive in the age of digital disruption.

Socure

Socure

Socure’s identity verification increases auto approval rates, reduces false positives and captures more fraud. In real time.

TestArmy

TestArmy

TestArmy CyberForces provide you with a broad spectrum of cybersecurity services to test every aspect of your IT infrastructure security and software development process.

Zephyr Project

Zephyr Project

The Zephyr Project strives to deliver the best-in-class RTOS for connected resource-constrained devices, built to be secure and safe.

MTI

MTI

MTI is a solutions and service provider, specialising in data & cyber security, datacentre modernisation, modern workplace, IT managed services and IT transformation services.

FourthRev

FourthRev

FourthRev is an education-technology start-up with a mission to solve the skills crisis of the Fourth Industrial Revolution.

MetaWeb Ventures

MetaWeb Ventures

MetaWeb Ventures is a global venture capital firm focused on pre-seed and seed investments in crypto start-ups.