Snyk Blog

Securing the digital future: Reviewing the Biden-Harris administration's National Cybersecurity Strategy

Written by:
Vandana Verma Sehgal
Vandana Verma Sehgal

March 20, 2023

0 mins read

On March 2nd, 2023, the Biden-Harris Administration released a fact sheet announcing the National Cybersecurity Strategy, which outlines their vision for securing the nation's digital infrastructure and ensuring the safety of American citizens online. This strategy addresses the growing number of cyber threats facing the United States, including ransomware attacks, supply chain vulnerabilities, and state-sponsored hacking.

In this post, we’ll highlight the key components of the new National Cybersecurity Strategy, so you can stay informed without getting stuck in the weeds.

5 pillars of the National Cybersecurity Strategy

The National Cybersecurity Strategy consists of five main pillars:

  1. Defend critical infrastructure

  2. Disrupt and dismantle threat actors

  3. Shape market forces to drive security and resilience

  4. Invest in a resilient future

  5. Forge international partnerships to pursue shared goals

The National Cybersecurity Strategy also calls for fundamental shifts in rebalancing the responsibility to defend cyberspace. The digital ecosystem’s most enormous, capable, and best-positioned actors in the public or private sectors can, and should, assume a more significant share of the burden when it comes to mitigating cyber risk.

Strategic objectives of the National Cybersecurity Strategy

The critical strategic objectives include:

  • Protecting critical infrastructure. This includes efforts to secure the systems and networks that are essential to the functioning of society — such as energy, transportation, and healthcare systems.

  • Strengthening federal cybersecurity involves enhancing the security of federal networks and systems, improving incident response capabilities, and promoting information sharing between government agencies and the private sector.

  • Promoting innovation and investment in cybersecurity. This includes efforts to promote research and development in cybersecurity technologies and initiatives to promote security education and workforce development.

  • Advancing international cooperation on cybersecurity involves collaborating with other nations to address global cybersecurity challenges, promoting cybersecurity norms and standards, and enhancing information sharing and capacity-building efforts.

Key highlights for cybersecurity

The strategy produced some interesting highlights and key points around cybersecurity, including: 

  • Enhance supply chain security. The strategy includes initiatives to improve the security of the supply chains that support critical infrastructure, and federal systems to reduce the risk of cyberattacks and disruptions.

  • Improve incident response and recovery. The strategy emphasizes the need for effective incident response and recovery capabilities — including increased information sharing, improved threat intelligence, and enhanced coordination between public and private sector entities.

  • Promote cybersecurity workforce development. The strategy includes initiatives to address the cybersecurity skills gap — such as promoting cybersecurity education and training programs, expanding the cybersecurity workforce, and encouraging diversity and inclusion in the cybersecurity field.

  • Strengthen partnerships with the private sector. The strategy highlights the private sector’s key role in cybersecurity and includes initiatives to enhance public-private partnerships — such as sharing threat intelligence, promoting best practices, and facilitating joint exercises and simulations.

Overall, the National Cybersecurity Strategy represents a comprehensive approach to addressing the complex and evolving cybersecurity threats facing the United States, and demonstrates the Biden-Harris Administration's commitment to protecting American citizens in the digital age.

“This rallying cry for developer security is something that should be addressed by companies before rules and penalties are put in place.

Snyk has seen numerous organizations embedding secure software best practices in their development cycles from the start or the initial line of code. They are doing this by empowering their own developers to create secure applications in a seamless and responsible way.

By integrating and automating secure software development practices into their workflows, they are deploying ways to find, fix, and remediate vulnerabilities in both pre-production and production applications, and as a result, bringing developers, IT, and security teams together as one team."

- Peter McKay, CEO of Snyk - Cybernews.com

How you can prepare

Snyk can help you prepare for the National Cybersecurity Strategy with our developer first solutions for application security, supply chain security, and cloud security. Embed security in your development pipelines as early as possible to prevent expensive fixes in production. Get started today with a free Snyk account or by booking a demo with one of our security experts.

To learn more about Biden-Harris’s 2023 Strategy, check out Gartner’s article on the potential implications of these new regulations.

Developer loved. Security trusted.

Snyk's dev-first tooling provides integrated and automated security that meets your governance and compliance needs.

Book a live demoStart free

Posted in:Cloud Security, Application Security, DevSecOps, Compliance, Open Source Security

How to Build a Security Champions Program

Snyk interviewed 20+ security leaders who have successfully and unsuccessfully built security champions programs. Check out this playbook to learn how to run an effective developer-focused security champions program.

See the playbook
Patch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo Segment

Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer’s toolkit.

Start freeBook a live demo

Product

What is Snyk?Snyk Code (SAST)Snyk Open Source (SCA)Snyk ContainerSnyk Infrastructure as CodeSnyk AppRisk (ASPM)Developer Security PlatformApplication securitySoftware supply chain securitySecure AI-generated code DeepCode AIPricingDeployment optionsIntegrationsIDE pluginsGit SecurityCI/CD pipelines securitySnyk CLISnyk LearnSnyk for JavaScript

Resources

DocumentationSnyk API DocsAPI statusDisclosed vulnerabilitiesSupport portal & FAQ’sBlogSecurity fundamentalsResources for security leadersResources for ethical hackersVulnerability DatabaseSnyk OSS AdvisorSnyk Top 10VideosCustomer resources

Company

AboutCustomersCareersEventsSnyk for governmentPress kitSecurity & trustLegal termsPrivacyFor California residents: Do not sell my personal informationWebsite Terms of Use

Connect

Book a live demoContact usSupportReport a new vuln

Security

Application SecurityContainer SecuritySupply Chain SecurityJavaScript SecurityOpen Source SecurityAWS SecuritySecure SDLCSecurity postureSecure codingEthical HackingAI in cybersecurityCode CheckerPythonEnterprise CybersecurityJavaScriptSnyk With GitHubSnyk vs VeracodeSnyk vs Checkmarx

© 2024 Snyk Limited
Registered in England and Wales

logo-devseccon