



The White House released the United States’ new National Cybersecurity Strategy in March 2023. The framework aims to protect critical infrastructure, including hospitals and clean energy facilities, from cyber threats. It also aims to increase collaboration with international coalitions and partnerships to counter threats to the digital ecosystem.

The U.S. government continues its efforts to bolster the nation’s cybersecurity prowess and bolster its overall technology governance strategy.

Earlier this month, President Joe Biden released a new National Cybersecurity Strategy, which outlines the government’s actions to secure cyberspace and create a resilient digital ecosystem that is easier to defend than attack, open and safe for all.

“When we pick up our smart phones to keep in touch with our loved ones, we connect to social media to share our ideas with each other, or we connect to the internet to run a business or fulfill one of our basic needs, we need to be able to trust that the underlying digital ecosystem is safe, reliable and secure,” Biden wrote in the framework’s preface.

The strategy is part of a broader effort by the Biden administration to strengthen cyber and technology governance. This included efforts to increase the responsibility of tech companies, strengthen privacy protections and ensure fair competition online.

Why does the United States need a national cybersecurity strategy?

The world is increasingly complex and cyber threats are increasingly sophisticated, with ransomware attacks causing billions of dollars in economic losses in the United States. In 2022, the average cost of a ransomware attack was over $4.5 billion, according to IBM.

The greatest risks we face are interconnected, creating the threat of a “polycrisis,” in which the combined global impact of these events is greater than their individual impact.

This also applies to technological risks, where, for example, attacks on critical information infrastructures could have disastrous consequences for public infrastructure and health, or where growing geopolitical tensions increase the risk of cyberattacks.

Cybercrime and cyber insecurity was rated by risk experts interviewed for the World Economic Forum’s Global Risks Report as the eighth most significant risk in terms of severity of impact, both in the short term ( next two years) and over the next decade.

How cyber crime and cyber insecurity are linked to other global risks.

Image: World Economic Forum Global Risks Report 2023

In 2022, state-sponsored cyberattacks targeting users in NATO countries increased by 300% compared to 2020, according to Google data.

With cyberattacks on the rise, experts at the World Economic Forum’s annual meeting in Davos predicted that 2023 would be a “busy year” for cyberspace with a “cyber storm.”

This is a global threat, which calls for a global response and strengthened and coordinated action, said Jrgen Stock, Secretary General of the International Criminal Police Organization (INTERPOL), in Davos.

The Forum’s Global Cybersecurity Outlook 2023 also revealed that 93% of cybersecurity experts and 86% of business leaders believe that global instability will negatively impact their ability to deliver cybersecurity over the next two years.

Robust cybersecurity is key to harnessing the promise of emerging technologies to enable growth and shared prosperity, while minimizing the perils they pose.

As Biden notes, “Cybersecurity is essential to the basic functioning of our economy, the operation of our critical infrastructure, the strength of our democracy and our democratic institutions, the privacy of our data and communications, and our national defense. .

“We must ensure that the Internet remains open, free, global, interoperable, reliable and secure, rooted in universal values ​​that respect human rights and fundamental freedoms.”

What are the 5 pillars of the national security strategy?

The COVID-19 pandemic has accelerated global digital transformation, meaning we rely on connected devices and digital technology to do more than ever before putting our lives and livelihoods further at risk from cyber threats.

The U.S. National Security Strategy recognizes the need to rebalance the burden of cybersecurity responsibility from small businesses and individuals toward public and private organizations best positioned to defend cyberspace through “robust collaboration.”

It also aims to build resilience in cyberspace by balancing the need to address immediate threats, while encouraging investment in the secure, long-term future of the digital ecosystem.

The World Economic Forum’s Center for Cybersecurity leads global action to address systemic cybersecurity challenges and improve digital trust. It is an independent and unbiased platform fostering cybersecurity collaboration across the public and private sectors.

Salesforce, Fortinet, and the Global Cyber ​​Alliance, in partnership with the Forum, offer free, globally accessible training for a new generation of cybersecurity experts. The Forum, in collaboration with the University of Oxford Oxford Martin School, Palo Alto Networks, Mastercard, KPMG, Europol, the European Network and Information Security Agency and the United States National Institute of Standards and Technology United, identifies future global risks related to next-generation technology. The Forum has improved cyber resilience in aviation while working with Deloitte and over 50 other companies and international organizations. Forum develops unique exchange platform for power industry cybersecurity leaders in collaboration Connected World Council agreed on IoT security requirements for consumer devices to protect them from cyber threats, calling on the world’s largest manufacturers and suppliers to take action for better IoT security. The Forum is also a signatory to the Paris Call for Trust and Security in Cyberspace, which aims to ensure global digital peace and security.

Contact us for more information on how to get involved.

Each of the five pillars it defines is broken down into strategic objectives, but here is a brief overview of what they entail:

1. Defend critical infrastructure

To build confidence in the resilience of US critical infrastructure, regulatory frameworks will establish minimum cybersecurity requirements for critical sectors.

2. Interrupt and Dismantle Threat Actors

Working with the private sector and international partners, the United States will seek to combat the threat of ransomware and disrupt malicious actors.

3. Shaping market forces to foster security and resilience

Grant programs will promote investment in secure infrastructure, while responsibility for secure software products and services will be shifted from the most vulnerable and good privacy practices will be encouraged.

4. Invest in a resilient future

A diverse cyber workforce will be developed and cybersecurity R&D for emerging technologies, including post-quantum encryption, will be prioritized.

5. Forge international partnerships to pursue common goals

The United States will work with allies and partners to counter cyber threats and create reliable and trustworthy supply chains for information and communications technology.

How do the Forums’ cybersecurity efforts support the priorities identified in the US strategy?

In response to the need for global collaborative public-private efforts to address growing cybersecurity challenges, the World Economic Forum launched the Center for Cybersecurity in 2018.

The Centre’s community, which includes more than 150 public and private sector organizations, has identified three key priorities: building resilience, strengthening global cooperation to combat cyber threats, and understanding future networks and technologies to build trust.

To build resilience and help protect critical infrastructure against cyberattacks, the Forum brought together stakeholders from the oil, gas and power sectors and developed best practices to address common challenges. These include management responsibility for organizational security and resilience throughout the supply chain, among others.

In addition, the Forums Partnership against Cybercrime initiative has published recommendations for public and private organizations aimed at facilitating dialogue and cooperation in the fight against cybercrime. Building on these recommendations, at the 2023 annual meeting, the Forum, with support from Fortinet, Microsoft, PayPal and Santander, launched the Cybercrime Atlas, an initiative to map cybercriminal activities and identify joint public and private sector responses.

To ensure that technologies are more secure and trustworthy, the Forum has also launched a Digital Trust Initiative which focuses on better decision-making around cybersecurity, privacy, human rights and privacy. ‘ethics. The initiative’s latest report highlights the need for a holistic view of technological development that protects and supports individual citizens and their rights and values.

The Forum, in partnership with the UC Berkeleys Center for Long-Term Cybersecurity, is also working on the Cybersecurity Futures 2030 program, a forward-looking scenario planning exercise to inform strategic cybersecurity plans around the world.

As the Forum’s Global Cybersecurity Outlook 2023 notes, cybersecurity is increasingly influencing how and where companies invest, with half reassessing the countries with which they do business. The lack of qualified cyber experts is another threat to businesses and societies, according to the report, with key sectors such as energy utilities reporting a 25% gap in critical skills.

The report also provides recommendations on what leaders can do to secure their organizations in the coming year.

