U.S. Develops New Cyber Safety Strategy
For the first time in 15 years, the United States has a national agenda for protecting the country’s digital presence. The National Cyber Strategy launched in September in response to continued threats to online information and is expected to stand apart from previous attempts to deter illegal activity through a commitment to cyber crime prevention and punishment. The strategy is based on four pillars:
1) protecting the American people, homeland, and way of life;
2) promoting prosperity;
3) preserving peace through strength; and
4) advancing American influence. The U.S. will reportedly prioritize risk-reduction activities across seven areas, including healthcare, as part of the strategy. ADVANCE offers this summary inform healthcare providers on measures that could impact their use of digital technology and their patients’ utilization.
Protecting American People, Homeland, Way of Life
Objective: Manage risks to increase security and resilience of U.S. information and information systems.
- Secure federal networks and information.
What This Means: The Trump Administration will clarify relevant authorities, responsibilities, and accountability among departments and agencies for securing federal information systems while setting a standard for effective risk management. Authorities within the government will be centralized and greater visibility across agencies will occur.
- Secure critical infrastructure.
What This Means: In partnership with the private sector, the government will collectively use a risk-management approach to mitigate vulnerabilities and raise the base level of security. Deterring malicious cyber events by imposing costs, including prosecutions and economic sanctions, will be part of a broader strategy.
- Combat cyber crime and improve incident reporting.
What This Means: The Administration will reportedly push to ensure that federal departments and agencies have the necessary legal authorities and resources to combat transnational criminal activity, including identifying and dismantling tools and methods used to enable cybercrime. Law enforcement will be expected to work with private industry to confront challenges presented by technological barriers, such as encryption technologies.
Main Objective: Preserve the country’s influence in the technological ecosystem and the development of cyberspace as an open engine of economic growth, innovation, and efficiency.
- Foster a vibrant and resilient digital economy.
What This Means: The U.S. government is expected to model and promote standards that protect economic security and reinforce “the vitality of the American marketplace and innovation as the foundations of the economy become increasingly rooted in digital technologies.” As an example, the Administration expects the technology marketplace to support and reward continued development, adoption, and evolution of innovative security technologies and processes, and will reportedly work across stakeholder groups to promote internet best practices.
- Foster and protect U.S. ingenuity.
What This Means: The government will reportedly nurture innovation by promoting institutions and programs that drive competitiveness. Officials will counter predatory mergers, acquisitions, and intellectual property theft, and catalyze U.S. leadership in emerging technologies while promoting government identification and support to these technologies, such as artificial intelligence.
- Develop a superior cyber security workforce.
What This Means: The Administration will reportedly work with Congress to promote and reinvigorate educational and training opportunities to develop a robust cyber security workforce. This initiative is said to include expanding federal recruitment and training for those in cyber security careers.
Preserving Peace Through Strength
Main Objective: Identify, counter, disrupt, degrade, and deter behavior in cyberspace that is destabilizing and contrary to national interests.
- Enhance cyber stability through norms of responsible state behavior.
What This Means: A framework of responsible behavior in cyberspace that is built upon international law, adherence to voluntary non-binding norms of responsible state behavior, and the consideration of practical confidence-building measures to reduce risk of conflict stemming from malicious cyber activity will be promoted. Actionable goals will include encouraging universal adherence to cyber norms.
- Attribute and deter unacceptable behavior in cyberspace.
What This Means: A formalized, routine strategy on how the U.S. will work with like-minded partners to attribute and deter malicious activities is expected to lead to swift, costly, and transparent consequences when warranted.
Advancing American Influence
Main Objective: Preserve the long-term openness, interoperability, security, and reliability of the internet.
- Promote an open, interoperable, reliable, and secure internet.
What This Means: Collaboration with like-minded countries and other stakeholders to advance human rights and internet freedom will occur. Action plans include promoting a multi-stakeholder model of internet governance and promoting an interoperable, reliable communications infrastructure and internet connectivity.
- Build international cyber capacity.
What This Means: Through cyber-capacity-building initiatives, the U.S. builds strategic partnerships that promote cyber security best practices through an open, interoperable, reliable, secure internet. The sharing of cyber threat information assists the defense against cyber crime. Building partnerships is expected to empower international allies to implement effective online policies and practices.