US Publishes Implementation Plan for National Cybersecurity Strategy

The Biden-Harris administration on Thursday published a roadmap to implement the National Cybersecurity Strategy (NCS).

Meant to ensure transparency and coordination, the National Cybersecurity Strategy Implementation Plan (NCSIP) details over 65 initiatives for combating ransomware and other cybercrime, building a skilled cyber workforce, and bolstering cooperation between governmental agencies.

“The NCSIP, along with the Bipartisan Infrastructure Law, CHIPS and Science Act, Inflation Reduction Act, and other major Administration initiatives, will protect our investments in rebuilding America’s infrastructure, developing our clean energy sector, and re-shoring America’s technology and manufacturing base,” the White House said.

The implementation of the NCS includes initiatives from 18 agencies, with the Office of the National Cyber Director (ONCD) in charge of coordinating activities and working with the Office of Management and Budget (OMB) to align funding proposals with NCSIP initiatives.

Implementing the plan, the administration said, requires collaboration with the private sector, federal governments, civil society, Congress, and international partners.

The NCSIP provides guidance for federal agencies in incident response and recovery, pushes for collaboration in disrupting ransomware and other cybercrime groups, details Cybersecurity and Infrastructure Security Agency (CISA) actions towards reducing supply chain risks, calls for investments in international cybersecurity standardization, and designates the Department of State for the publishing of an International Cyberspace and Digital Policy Strategy.

“The National Cybersecurity Strategy Implementation Plan (NCSIP) gives much-needed guidance for agencies on improving cyber resilience. It assigns time bound goals and initiatives to each agency – giving them direction on how to reach the strategy’s clear objectives,” Gary Barlet, CTO at cybersecurity firm Illumio, told SecurityWeek in an emailed comment.

“It focuses on building cyber resilience now as well as down the road. This plan reflects the urgency of today’s cyber threats, and also demonstrates an understanding of the resource and fiscal challenges agencies face in overcoming these dangers,” Barlet added.

Related: Potential Outcomes of the US National Cybersecurity Strategy

Related: Analysis: SEC Cybersecurity Proposals and Biden’s National Cybersecurity Strategy

Related: Industry Experts Analyze US National Cybersecurity Strategy