The Biden-Harris administration has remained relentlessly focused on improving the United States’ cyber defenses, developing a comprehensive approach to “lock our digital doors” and taking aggressive measures to strengthen and protect our nation’s cybersecurity, including:
- Improving the cyber security of our critical infrastructure. Much of our country’s critical infrastructure is owned and operated by the private sector. The administration has worked closely with key sectors – including transport, banking, water and healthcare – to help stakeholders understand cyber threats to critical systems and establish minimum cybersecurity standards. These include the introduction of several performance-based policies from the Transportation Security Administration (TSA) to increase cybersecurity for the pipeline and rail sectors, as well as a measure on cyber requirements for the aviation sector. Through Presidential National Security Memorandum 8, Improving Cybersecurity for Critical Infrastructure Control Systems, we issue cybersecurity performance targets that provide a foundation to drive investment toward key security outcomes. We will continue to work sector by sector with critical infrastructure owners and operators to accelerate rapid cybersecurity and resilience improvements and proactive actions.
- Ensure the new infrastructure is smart and secure. President Biden’s bipartisan infrastructure bill is an investment to modernize and strengthen our nation’s infrastructure. The government ensures that these projects, like expanding the country’s network of electric vehicle charging stations, are built to last and meet modern security standards, including cyber protection. Investments in digital security through the bipartisan Infrastructure Act (BIL) will also bring high-speed internet to underserved parts of the country, bridging the digital divide as well. Also, BIL, the government, has launched a unique cybersecurity grant program specifically for state, local and territorial (SLT) governments across the country. The State and Local Cybersecurity Grant Program provides SLT partners with $1 billion over four years, with $185 million available for fiscal year 2022, to support SLT’s efforts to reduce cyber risk for their address information systems and critical infrastructure.
- Strengthening the federal government’s cybersecurity requirements and raising the bar through government purchasing power. Through the Presidential Executive Order to Enhance the Nation’s Cybersecurity, issued in May 2021, President Biden has raised the bar for all federal government systems by requiring strong cybersecurity steps like multi-factor authentication. The government has also issued a strategy for implementing the federal Zero Trust architecture and budget guidelines to ensure federal agencies align resources with our cybersecurity goals. We’re also leveraging the purchasing power of the federal government to improve product cybersecurity for the first time by mandating security features in all software purchased by the federal government, improving security for all Americans.
- Fighting Ransomware Attacks to Protect Americans Online. In 2021, the government created the International Counter-Ransomware Initiative (CRI), bringing together partners from around the world to fight the scourge of ransomware. The White House will host international partners Oct. 31-Nov. 1 to accelerate and expand this collaborative work. This group has increased collective resilience, engaged the private sector, and disrupted criminal actors and their infrastructure. The United States has made it harder for criminals to move illicit funds, sanctioning a number of cryptocurrency mixers regularly used by ransomware actors to collect and “clean” their illicit earnings. A number of cyber criminals have also been successfully extradited to the United States to be tried for these crimes.
- Working with allies and partners to create a safer cyberspace. In addition to launching the International Counter Ransomware Initiative, the government has established cyber dialogues with a variety of allies and partners to build collective cybersecurity, formulate coordinated responses, and develop cyber deterrence. We are bringing this work to our key alliances – for example, establishing a new virtual Rapid Response Mechanism at NATO to ensure allies can support each other effectively and efficiently in the event of cyber incidents.
- Impose costs and strengthen our security against malicious actors. The Biden-Harris administration has not hesitated to respond forcefully to malicious cyber actors when their actions threaten America’s or our partner’s interests. In April 2021, we sanctioned Russian cyber actors linked to the Russian intelligence services in response to the SolarWinds attack. We worked with allies and partners to credit a destructive hack of the Viasat system early in the Russian war in Ukraine.
- Implementation of internationally recognized cyber standards. The administration is committed to ensuring that internationally negotiated standards are implemented to define cyber “rules of the road”. More recently, we have worked with international partners to denounce Iran’s counter-normative attack on Albanian systems of government and to make Tehran pay for the act.
- Developing a new label to help Americans know their devices are secure. This month, we’ll bring together businesses, associations, and government partners to discuss developing a label for Internet of Things (IoT) devices so Americans can easily identify which devices meet the highest cybersecurity standards to protect against hacking and other cybervulnerabilities. By developing and adopting a common label for products that meet U.S. government standards and are tested by audited and accredited bodies, we are helping American consumers easily identify safe technology to bring into their homes. We’ll start with some of the most common and often most vulnerable technologies — routers and home cameras — to make the greatest impact as quickly as possible.
- Building the nation’s cyber workforce and strengthening cyber education. The White House hosted a National Cyber Workforce and Education Summit, which brought together leaders from government and across the cyber community. At the summit, the administration announced a 120-day Cybersecurity Apprenticeship Sprint to help provide competency-based pathways into cyberjobs. With the momentum of the Summit, the government continues to work with partners across society to build our nation’s cyber workforce, improve skill-based pathways to high-paying cyber jobs, and educate Americans so they have the skills to function in our increasingly digital society to be succesfull. and Improving Diversity, Equity, Inclusion and Accessibility (DEIA) in the cyber space.
- Securing the future – from online trading to state secrets — by developing quantum-resistant encryption. We all rely on encryption to protect our data from being compromised or stolen by malicious actors. Advances in quantum computing are threatening this encryption, so this summer the National Institute of Standards and Technology (NIST) announced four new encryption algorithms that will become part of NIST’s post-quantum cryptography standard, expected to be completed in about two years. These algorithms are the first group of encryption tools designed to withstand the attack of a future quantum computer that could potentially crack security used to protect privacy in the digital systems we rely on every day, such as B. Online banking and email software.
- Developing our technological lead through the National Quantum Initiative and the issuance of National Security Memorandum-10 (NSM-10) to advance United States leadership in quantum computing while mitigating risks to vulnerable cryptographic systems. This initiative has more than doubled the United States government’s investment in research and development (R&D) in quantum technology and created new research centers and human development programs across the country. NSM-10 prioritizes US leadership in quantum technologies by accelerating R&D efforts, forging key partnerships, expanding the workforce and investing in critical infrastructure; will push the nation towards quantum-resistant cryptography; and protects our investments, businesses, and intellectual property as this technology advances so that the United States and our allies can benefit from advances in this new field without harm from those who would use them against us.