US Strategy Will Allow Hacking Criminal & Foreign Networks 

Uploaded on 2023-01-30 in GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Law

The Biden administration is set to unveil a national strategy that for the first time calls for comprehensive cyber security regulation of the nation's critical infrastructure, explicitly recognising that years of a voluntary approach have failed to secure the nation against cyber-attacks.

The 35-page document, titled “National Cybersecurity Strategy,” differs from the dozen or so similar papers signed by presidents in two significant ways: 

 

  • First, it will impose mandatory regulations on a wide range of American industries. 
  • Second, it will authorise US defense, intelligence, and law-enforcement agencies to go on the offensive, hacking into the computer networks of criminals and foreign governments, in retaliation to, or preempting, their attacks on American networks.

“Our goal is to make malicious actors incapable of mounting sustained cyber-enabled campaigns that would threaten the national security or public safety of the United States,” the document states in a five-page section titled “Disrupt and Dismantle Threat Activities,” according to a draft version. 

Under the new strategy, the US will “disrupt and dismantle” hostile networks as part of a persistent, continuous campaign. 

A new national cyber security strategy is certainly a positive development. In theory, increased supervision and participation from the government will keep organisations honest about their cybersecurity efforts and hold them responsible for their security. This should also have the corresponding effect of making organizations more resilient to attacks, which would positively impact larger cyber security issues, like reducing successful ransomware campaigns. This campaign will be co-ordinated by the FBI’s National Cyber Investigations Joint Task Force working in tandem with all relevant US agencies, a systematic collaboration that has rarely been attempted and never before publicised. 

Private companies, both firms that are frequent targets of cyber attacks and firms that specialise in cyber security methods, will be full partners in this effort, both to alert the government task force of intrusions and to help repel them. 

The new  US strategy acknowledges that industry cannot combat cyber threats alone and that this is not achievable without government involvement. A partnership with the government, which comes with additional resources and legal authority, is essential to mitigate risks from sophisticated threat actors and powerful nation-states.

White House:   Slate:    Federal News Network:     Washington Post:     Bloomberg Law:   Corporate Compliance

You Might Also Read: 

US Government Will Invest $15 Billion In National Cyber Security:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Turla Hackers Deliver Andomeda Malware 
Boards Need To Step Up Or Risk Cybersecurity Fines »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

UK Cyber Week Expo & Conference

UK Cyber Week Expo & Conference

Award-winning event organiser ROAR B2B announces the launch of UK Cyber Week and its inaugural event on 4 and 5 April 2023 at the Business Design Centre, London.

ON-DEMAND WEBINAR: Future-proof your security with Secure Access Service Edge (SASE)

ON-DEMAND WEBINAR: Future-proof your security with Secure Access Service Edge (SASE)

Watch this webinar to explore the Security orchestration, automation, and response (SOAR) paradigm, its relationship with organization IT practices, and its role in your security strategy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

RIVA Solutions

RIVA Solutions

RIVA provides innovative best practices in IT and management consulting, program support services and emerging technologies.

Eversheds Sutherland

Eversheds Sutherland

Eversheds Sutherland is a global multinational law practice offering a full range of commercial and IT law services including Privacy, Data Protection and Cyersecurity.

CyberArk Software

CyberArk Software

CyberArk is an established leader in privileged access management and offers the most complete set of Identity Security capabilities.

ForgeRock

ForgeRock

ForgeRock, the leader in digital identity, delivers comprehensive Identity and Access Management solutions for consumers, employees and things to simply and safely access the connected world.

TraceSecurity

TraceSecurity

TraceSecurity, a leading pioneer in cloud-based security solutions, provides IT governance, risk and compliance (GRC) management solutions.

Malta Information Technology Agency (MITA)

Malta Information Technology Agency (MITA)

MITA is the central driver of Government Information and Communications Technology (ICT) policy, programmes and initiatives in Malta.

Cybernetica

Cybernetica

Cybernetica is an ICT company with activities in e-government, marine comms, data analysis and research in information security technologies.

Thinklogical

Thinklogical

Thinklogical manufactures secure, KVM, video, audio, and computer peripheral signal switching solutions for defence C4ISR applications.

Axis Capital

Axis Capital

AXIS Insurance’s Professional Lines Division is a leading underwriter of technology/cyber coverage and other specialty products around the globe.

Nok Nok Labs

Nok Nok Labs

Nok Nok is a market leader in next generation authentication for cloud, mobile and IoT applications.

Avira

Avira

Avira provide a portfolio of antivirus, security and performance applications for Windows, Android, Mac, and iOS.

Bluink

Bluink

Bluink specializes in identity and access management and customer identity verification, using your smartphone as a strong authenticator and secure identity store.

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) is responsible for the security of critical information infrastructures in Afghanistan.

CNS Group

CNS Group

CNS Group provides industry leading cyber security though managed security services, penetration testing, consulting and compliance.

Converge Technology Solutions

Converge Technology Solutions

Converge Technology Solutions Corp. is a North American IT solution provider delivering advanced analytics, cloud, cybersecurity, and managed services solutions.

Larson Security

Larson Security

Larson Security is a services plus software company that specializes in Cyber Security and Digital Forensics.