U.S. Government Issues Precautions to Fight Ransomware
The effects of rampant ransomware attacks on businesses, government offices, financial institutions, and other websites have been expensive and challenging to tackle. In the last two years, a much larger focus has been placed on preventing these digital attacks. In March 2023, President Biden addressed the issue at a press conference, releasing a brand new National Cybersecurity Strategy. This announcement comes on the back of several worldwide conferences addressing hacking and digital safety.
Key Takeaways From Biden’s New Cybersecurity Strategy
In March, the president’s office issued a new cybersecurity strategy containing five pillars to improve digital safety. The National Cybersecurity Strategy asks tech companies and businesses to take responsibility for ensuring their sites are safe. According to the New York Times, it aims to protect valuable data clouds across the country.
This news release was a policy document, not legislation, and suggests a shift in attitude towards private companies, who must take responsibility for their security lapses, according to Biden’s administration. The current president is “urging greater mandates” for the business and tech industries, as they must provide a secure space when customers visit their websites.
According to the document, the Biden administration is continuing efforts to shut down hacking groups throughout the U.S. and abroad, making foreign threats a priority. Biden added that the Federal Bureau of Investigation and the Defense Department would “accelerate” their efforts to stop hacking attacks by breaking up ransomware groups and disrupting hackers.
Five Pillars of the New Cybersecurity Strategy
The National Cybersecurity Strategy document lists five pillars or goals for the government to focus on in the realm of digital security.
- Pillar I: Defending Critical Infrastructure – Includes various guidelines on creating better communication between departments, providing guidance to private-sector parties on receiving federal help for cyber attacks, and modernizing government computer systems with up-to-date security features.
- Pillar II: Disruptions and Dismantling of Threat Actors – Talks about “improved integration” of threat disruption by the federal government, encourages private sites to coordinate disruption activities, and seeks to improve government reporting to victims of hacks and cyber threats.
- Pillar III: Shaping Market Forces to Drive Security and Resilience – Seeks to hold “stewards of our data” accountable for security disruptions with the hope of eventually creating legislation that establishes some liability, strengthening contractual requirements for companies across the board, and stipulates a need for a federal plan of response to dire security threats.
- Pilar IV: Investing in a Resilient Future – The federal government seeks to create strategies to mitigate damage from autocratic governments that implement damaging strategies, as well as strengthen and diversify the cybersecurity field at home. This pillar also talks about preparing for the eventuality of quantum computing and building new energy infrastructure for the country.
- Pilar V: Forging International Partnerships to Pursue Shared Goals – Suggests better coordination between international law enforcement agencies to battle common digital threats while relying on locally based services developed with the aid of “trusted allies and partners” worldwide.
How Federal Legislation Trickles Down to Small Businesses
For small and independently-owned businesses, cyber security is vital. Every year, ransomware attacks and hackers cost these companies millions, as they don’t have the same resources as a large conglomerate to deal with the fallout. The best thing you can do is ensure your site is safe and encrypted. The current policy leads us to believe that there will be legislation in the future that will hold sites accountable if customer information is leaked or hacked.
If your company or office contains important, private information, ensure that it is adequately protected by having a dedicated IT team that’s well-versed in modern security features. Call Internal Computer Services at 804-672-10577 or contact us online for a consultation.