Summary: National Cybersecurity Strategy Implementation Plan July 2023

-

National Cybersecurity Strategy Implementation Plan July 2023 PDF

Executive Summary

The document is the National Cybersecurity Strategy Implementation Plan. It is structured by pillar and strategic objective, aligning with the National Cybersecurity Strategy, which has five pillars and 27 strategic objectives. Each initiative under a pillar is associated with a strategic objective and has a unique number, title, description, reference to the National Cybersecurity Strategy, responsible agency, contributing entities, and an estimated completion date.




Pillar One: Defend Critical Infrastructure

  1. Develop a National Cybersecurity Strategy Implementation Plan

  2. Establish a National Cybersecurity Safety Board

  3. Develop a Cybersecurity Framework Profile for the Defense Industrial Base

  4. Develop a Cybersecurity Framework Profile for the Energy Sector

  5. Develop a Cybersecurity Framework Profile for the Financial Services Sector

  6. Develop a Cybersecurity Framework Profile for the Healthcare and Public Health Sector

  7. Develop a Cybersecurity Framework Profile for the Transportation Systems Sector

Pillar Two: Disrupt and Dismantle Threat Actors

  1. Publish an updated DOD Cyber Strategy

  2. Strengthen the National Cyber Investigative Joint Task Force (NCIJTF) capacity.

Pillar Three: Shape Market Forces to Drive Security and Resilience

  1. Drive the Development of Secure IoT Devices

  2. Implement Federal Acquisition Regulation (FAR) requirements per the Internet of Things (IoT) Cybersecurity Improvement Act of 2020

  3. Initiate a U.S. Government IoT security labeling program

  4. Shift Liability for Insecure Software Products and Services

  5. Explore approaches to develop a long-term, flexible, and enduring software liability framework

  6. Advance software bill of materials (SBOM) and mitigate the risk of unsupported software

  7. Coordinated vulnerability disclosure

  8. Use Federal Grants and Other Incentives to Build in Security

  9. Leverage Federal grants to improve infrastructure cybersecurity

  10. Prioritize funding for cybersecurity research

  11. Prioritize cybersecurity research, development, and demonstration of social, behavioral, and economic research in cybersecurity.

  12. Leverage Federal Procurement to Improve Accountability

  13. Implement Federal Acquisition Regulation (FAR) changes required under EO 14028

  14. Leverage the False Claims Act to improve vendor cybersecurity

  15. Explore a Federal Cyber Insurance Backstop

  16. Assess the need for a Federal insurance response to a catastrophic cyber event.


Pillar Four: Invest in A Resilient Future

  1. Secure the Technical Foundation of the Internet

  2. Lead the adoption of network security best practices

  3. Promote open-source software security and the adoption of memory-safe programming languages

  4. Accelerate the development, standardization, and adoption of foundational Internet infrastructure capabilities and technologies

  5. Collaborate with key stakeholders to drive secure Internet routing

  6. Reinvigorate Federal Research and Development for Cybersecurity

  7. Accelerate maturity, adoption, and security of memory-safe programming languages

  8. Prepare for Our Post-Quantum Future

  9. Implement National Security Memorandum-10

  10. Implement NSM-10 for National Security Systems (NSS)

  11. Standardize, and support the transition to post-quantum cryptographic algorithms

  12. Secure Our Clean Energy Future

  13. Drive adoption of cyber secure-by-design principles by incorporating them into Federal projects.

  14. Develop a plan to ensure the digital ecosystem can support and deliver the U.S. Government’s decarbonization goals.

  15. Build and refine training, tools, and support for engineers and technicians using cyber-informed engineering principles.

  16. Develop a National Strategy to Strengthen Our Cyber Workforce

  17. Publish a National Cyber Workforce and Education Strategy and track its implementation.


Pillar Five: Forge International Partnerships to Pursue Shared Goals

  1. Build Coalitions to Counter Threats to Our Digital Ecosystem

  2. Create interagency teams for regional cyber collaboration and coordination

  3. Publish an International Cyberspace and Digital Policy Strategy

  4. Strengthen Federal law enforcement collaboration mechanisms with allies and partners

  5. Regional cyber hubs study

  6. Strengthen International Partner Capacity

  7. Strengthen international partners' cyber capacity

  8. Expand international partners' cyber capacity through operational law enforcement collaboration.

  9. Expand U.S. Ability to Assist Allies and Partners

  10. Establish flexible foreign assistance mechanisms to provide cyber incident response support quickly.

  11. Build Coalitions to Reinforce Global Norms of Responsible State Behavior

  12. Hold irresponsible states accountable when they fail to uphold their commitments

  13. Secure Global Supply Chains for Information, Communications, and Operational Technology Products and Services

  14. Promote the development of secure and trustworthy information and communication technology (ICT) networks and services

  15. Promote a more diverse and resilient supply chain of trustworthy information and communication (ICT) vendors

  16. Begin administering the Public Wireless Supply Chain Innovation Fund (PWSCIF)

  17. Promulgate and amplify Cybersecurity Supply Chain Risk Management (C-SCRM) key practices across and within critical infrastructure sectors

Comments

Post a Comment

Popular posts from this blog

LOTRO Daybreak TOS / EULA 2024 Analyzed

-
Image
  I like to copy EULAs and TOS and run them through ChatGPT for analysis.  Here's the analysis related to LOTRO and the new owners of Daybreak Games.  This is the third company that owns this product. Analysis of EULA Analyzing the Daybreak Games End User License Agreement (EULA), several aspects appear to reflect consumer-unfriendly behavior: Unilateral Modification of Agreement : Clause : Daybreak reserves the right to modify the EULA at any time without needing explicit consent from the user. The user is simply expected to check for updates periodically. Issue : This places an undue burden on the user to stay informed about changes. It can result in significant modifications to the terms under which they initially agreed to use the service, potentially reducing their rights or imposing additional obligations. License Termination : Clause : Daybreak can terminate the user's license to use the game, including any purchased content, at any time, often without notice or re...
Read more

Sadtalker Poses 1-40: Dynamic Video Grid with Interactive Controls

-
Image
This is used to illustrate the various poses in SADTALKER, as I couldn't find a reference.  There are 49 pose styles.  Here are 40 examples.  Download the examples and the HTML from my Google Drive:  Download the MP4s and HTML .  Just drop it in a directory with the MP4s.  If you want to use your own, just do a generation with each pose style on the SADTALKER slider and name the files 1.mp4, 2.mp4, etc. I did not write a line of code; ChatGPT4o did the work there.  The voices were from eleven labs cloned from me.  The MP4s were generated by the open-source SADTALKER photo-to-video open-source technology.  GITHUB PROJECT HERE  GITHUB PROJECT HERE Introduction In the digital age, content presentation is just as important as the content itself. Creating a dynamic and responsive video grid can significantly enhance user engagement for web developers and designers looking to showcase multiple video files effectively. In this blog post, I will...
Read more