The Biden-Harris Administration has published the National Cybersecurity Strategy Implementation Plan (NCSIP), a roadmap designed to enhance cybersecurity measures and protect the United States against cyber threats.
The plan outlines over 65 high-impact federal initiatives that align with the National Cybersecurity Strategy’s five pillars: Defending Critical Infrastructure, Disrupting and Dismantling Threat Actors, Shaping Market Forces and Driving Security and Resilience, Investing in a Resilient Future, and Forging International Partnerships to Pursue Shared Goals.
“Each initiative is assigned to a responsible agency and is associated with a timeline for completion,” the NSCIP document reads. “Some of these initiatives are already underway and will be completed by the end of the Fiscal Year 2023. The Office of the National Cyber Director will work with the Office of Management and Budget to ensure funding proposals in the President’s Budget Request are aligned with activities in the Implementation Plan.”
Among the initiatives outlined in the plan, the Cybersecurity and Infrastructure Security Agency (CISA) will lead the effort to update the National Cyber Incident Response Plan. This update aims to “strengthen processes, procedures, and systems to more fully realize the policy that ‘a call to one is a call to all’.”
The implementation plan also addresses the growing threat of ransomware attacks. Through the Joint Ransomware Task Force, led by CISA and the FBI, the administration plans to combat ransomware by disrupting ransomware ecosystems and offering resources like training and cybersecurity services to high-risk targets such as hospitals and schools to help reduce the scale and duration of impacts in the event of an attack.
The Biden-Harris Administration emphasizes that the NCSIP is a “living document that will be updated annually” to adapt to changing threat landscapes and evolving initiatives. By implementing this plan and working in partnership with various stakeholders, the administration aims to enhance the nation’s cybersecurity posture, protect critical infrastructure, and promote responsible behavior in cyberspace.