With the Biden administration’s new National Cybersecurity Strategy (NCS) out the door last week, Acting National Cyber Director Kemba Walden is laying out the next steps for implementation of the strategy, including possible inputs into Federal budgets that will begin to see the light of day later this week.
The strategy features multiple focus points including continuing efforts to improve security in already-regulated critical infrastructure sectors, a high-level goal of shifting more security responsibility onto providers of tech products and services, and a robust focus on using “all tools of national power” to go after attackers.
Speaking on March 6 at the State of the Net conference, Walden spoke enthusiastically about how the strategy was crafted with the input of hundreds of stakeholders. For the parties that provided input, “not all of them agree with us, but all of them understand it,” Walden said.
“It reflects every part of the cybersecurity community – large enterprises, not-for-profit, civil society, academia – it is a national cybersecurity strategy,” she said. “All the departments and agencies were involved in this process, so that’s one of the reasons why, in my view, we have a really balanced, forward-leaning bold strategy because we really took to heart how are we going to make this work.”
Next up in the process, she said, are plans to implement the strategy.
“So the hard part begins, you have this implementation part now that we are looking into,” Walden said. “We are trying to craft our implementation plans now because we want these things to work.”
“Some of these are going to be multi-year ventures, they’re going to involve everybody that we engaged in the strategy building process, and even more engaged in implementation,” she said. “It’s a whole government, whole of society activity.”
Walden likened the development of the strategy to date to the movements in a symphony.
“You’ve seen the first three movements, you stood up the office, we’ve got great people, we’ve launched the national cyber strategy, that is like Beethoven’s Fifth,” she said. “But we have the implementation plan to do, that’s another movement, we have the workforce strategy, the workforce awareness and education strategy … that’s another movement.”
Hinting at how the strategy may end up soon working its way into Federal budgets, Walden discussed what she called one of the “superpowers” of the NCD.
“We have this enormous power in the statute to align budgets, align cyber priorities and budgets across an agency,” she said. “That’s a superpower that I really like because nothing works if you’re not resourced properly.”
“So, we’re positioned to really be forward-leaning and find practical solutions to some of these problems,” Walden said.
The Biden administration is due to release its fiscal year 2024 budget request on March 9, perhaps providing a first look into how the cybersecurity strategy stacks up in terms of spending over the near term.