Cybersecurity is a growing need at the organizational level, and the lack of it can even affect individuals who do something as seemingly innocent as clicking on an attachment contaminated with malware.
Analysts often warn that failing to prioritize cybersecurity could cause national hazards.
Here’s some information on the USA cybersecurity strategy and what it hopes to do.
The National Cyber Strategy Seeks to Protect Americans
In September 2018, President Trump signed what was reportedly the first fully articulated cybersecurity strategy since 2003. As a start, it aims to protect federal networks and the information transmitted across them.
Moreover, this National Cyber Strategy will lock down critical infrastructure, enhance incident reporting and integrate cybersecurity into all aspects of the United States’ power as a nation.
Speaking of power, the strategy emphasizes that the U.S. will have defensive and offensive methods that showcase the country’s strength. It highlighted how there is a lot of work left to do, however, and there’s no time to waste.
Although this plan has numerous components, all of them want to bolster the protections Americans enjoy. In part, that means finding bad actors and penalizing them.
Many U.S. tech companies are doing that by refusing to do business with Huawei, a Chinese company accused of being a security threat.
The National Cyber Strategy also connects the interests of the American people to the internet, including its security.
An Executive Order to Support Cybersecurity Careers
A more recent move by President Trump to focus on cybersecurity involved an executive order that recognizes America’s cybersecurity workforce as “a strategic asset.”
It also got more specific by emphasizing how cybersecurity workers must benefit from government policies that facilitate them moving between the public and private sectors. That way, more entities could benefit from their talents.
Additionally, the executive order discussed how the United States must support cybersecurity skill development, including through training programs, apprenticeships and similar options for increasing learning.
Another component of the executive order mentioned establishing and implementing ways to measure the effectiveness of workforce cybersecurity investments.
The Cybersecurity and Infrastructure Security Agency (CISA)
The United States’ Department of Homeland Security (DHS) also established The Cybersecurity and Infrastructure Security Agency (CISA) in November 2018. It secures the nation’s cybersecurity and physical infrastructures.
CISA also contains The National Risk Management Center (NRMC), which works to identify and diminish risks to the country.
In May 2019, CISA issued a directive regarding a 15-day deadline for federal agencies to fix critical vulnerabilities on internet-accessible systems. Previously, these bodies had 30 days to address issues.
Numerous Sector-Specific Data Protection Regulations — and State Laws Are on the Way
Any all-encompassing cybersecurity plan delves into data privacy. Unlike the European Union, which has the General Data Protection Regulation (GDPR), the USA cybersecurity strategy does not have a single principal data protection regulation. Instead, it has several federal laws applicable to specific sectors.
For example, data protection and treatment regulations apply to health-related information, details associated with financial services, creditworthiness and data obtained from state offices of the Department of Motor Vehicles (DMV).
Additionally, Vermont will soon have a law that restricts data brokers — businesses that collect and sell individuals’ information. Then, starting on Jan. 1, 2020, the California Consumer Privacy Act (CCPA) goes into effect to give people more information about and control over how businesses use their data.
Various states have also moved to either enact or improve regulations about data breach notifications. Those changes also relate to cybersecurity because they let consumers know about them sooner. Then, they are better able to decide how to respond after breaches happen.
Some States Have Cybersecurity Initiatives
It’s important to realize that state-level initiatives contribute to the USA cybersecurity strategy, too. For example, Rhode Island, Indiana and Virginia are among the states that formed cybersecurity commissions to evaluate threats and how to conquer them.
State representatives also recognize the connection between cybersecurity and economic success. In 2018, the New York City Economic Development Corporation (NYCEDC) announced its intention to make the city a worldwide hotspot for cybersecurity progress.
As part of that initiative, it offered news about the upcoming Global Cyber Center, a 15,000-square-foot facility in Chelsea. Plus, Cyber NYC, the city’s push to grow the cybersecurity sector, hopes to create up to 10,000 middle-class jobs.
Many Efforts Toward a Unified Goal
As the information here shows, various federal initiatives and state-specific measures strive to make the United States safer from cybersecurity threats.
It will undoubtedly require collaboration and concentrated efforts from authorities in positions of power.
Success in moving cybersecurity forward will undoubtedly better protect the nation and its residents against threats.