Biden’s cybersecurity plan offers the potential for real results

When the Cybersecurity and Infrastructure Security Agency introduced the Cyber ​​Security Strategic Plan 2024-26I was skeptical.

The title initially seemed like another document that follows and reinforces the steps of the Biden administrationnational cyber security strategy and the following National Cyber ​​Security Strategy Implementation Plan — both were very broad initiatives with clear room for improvement.

Upon closer examination, some of the goals to achieve the goals in this new Strategic cyber security plan from CISA contain a degree of specificity that many cybersecurity professionals have found lacking in previous cyber strategy documents. These goals commit CISA to working with the private sector to achieve some real and vital results in order to protect America’s critical infrastructure.

One goal of the plan is to “Address Immediate Threats” by making it “increasingly difficult for our adversaries to achieve their objectives by targeting US and allied networks.”

To do this, CISA says it will “wWork with partners to gain visibility into the scope of intrusions targeting our country, enable disruption of threat campaigns, ensure adversaries are quickly routed when intrusions occur, and accelerate mitigation of exploitable conditions that adversaries repeatedly exploit.” .

Previous strategies and implementation plans were aspirational in nature and excluded key elements or targets that would achieve the strategy’s goals. It’s encouraging to see details that dig a little deeper and shift the focus to a more aggressive, intelligence-based stance instead of a reactive one.

For example, the plan seeks to “increase the visibility and mitigation capability of cybersecurity threats and campaigns…(and) coordinate the disclosure, search, and mitigation of critical and exploitable vulnerabilities.”

Focusing forward and expanding the defensive perimeter to intercept malicious activity is key to enabling this strategy. Like all contested endeavors, the balance of power results in whoever wins the initiative. With advances in artificial intelligence and high-speed computing, it is possible for the US to take the initiative and detect and mitigate malicious activity outside of organizational pockets. If CISA is able to operationalize its strategy and utilize all available resources, then it is possible to remove the significant time advantage currently enjoyed by adversaries and mitigate threats abroad.

Possibilities of the private sector

Private sector capabilities can help CISA achieve these goals. Best-in-class commercial products can produce relevant and actionable information to help stop and mitigate threats, and are being adopted by the industry today. Private sector cyber analysis capabilities can help quickly uncover adversary actions and thus quickly provide that information to communities of interest and designated covered entities.

More specifically, these innovative products are already producing a positive return of harmful events of concern in business technology, information technology, and the Internet of Things (IoT). This is done by producing near-real-time information about geographic location, infrastructure in use, historical malicious cyber activity, malware characteristics, and illuminating the entire hacker ecosystem to better protect covered entities now and in the future. future.

These capabilities and the resulting intelligence, or “clear, actionable guidance,” as defined in the plan’s goals, can also help push CISA to the U.S. to “increase the costs to offenders and increase friction for malicious activities by leading a national effort defined by speed and scale: when an adversary compromises an American network, they are quickly identified and expelled before damage occurs. when an exploitable condition occurs, it is similarly detected and remedied before an intrusion takes place.”

Overall, CISA’s Strategic cyber security plan improves on previous guidance to outline specific steps to secure America’s critical infrastructure. By strengthening public-private partnerships and expanding the defense perimeter, the federal government can make informed decisions and improve our overall cyber posture. CISA has set specific, achievable goals for achieving effective outcomes and must now work with the private sector to ensure such outcomes.

Col. Stephen P. Corcoran (USMC, ret.) is Director of Cyber ​​Strategy at Telos Corp. an information technology and cybersecurity company located in Ashburn, Va.