After years of failed voluntary, self-assessment cybersecurity compliance mandates, the Biden administration is moving aggressively in launching a series of heavy-handed regulations in hopes of shoring up America’s cyber defenses. According to James Lewis, a cybersecurity expert at the Center for Strategic and International Studies think tank, “It’s a break from the previous strategies, which focused on information sharing and public-private partnership as the solution…This goes well beyond that. It says things that others have been afraid to say.”
The seriousness of cyber could not be more underscored by comments from National Cyber Director Chris Inglis at a recent cyber conference. “If ‘tough’ means that we have to be serious about what we want cyberspace to do for us … then it’s time for us to be tough…If at the end of the day, self-enlightenment and market forces take us [only] so far … then we have to go a little bit further as we have for cars, or airplanes, or drugs and therapeutics.”
Again, the Biden administration’s push on cyber comes after years of failed voluntary measures, guidelines, and best practices as companies are simply ignoring many of the mandates being imposed on them. One of the biggest opponents of national cyber regulations has been the U.S. Chamber of Commerce. They’ve driven a successful, decade-long campaign against such measures, claiming the costs were prohibitive, and the ROI of such massive cyber mandates were questionable. But they’ve now softened their stance, saying that “...it shares “a mutual interest” with Inglis’s office — the ONCD — in “advancing regulatory harmonization, liability protections and federal preemption.”
It seems as if 2023 is the year that cybersecurity regulations and mandates have real teeth and enforcement powers. According to Mark Montgomery, senior fellow at the Foundation for Defense of Democracies.“The strategy reflects the hard lessons we’ve learned from SolarWinds [the Russian hack of U.S. agencies] to Colonial Pipeline — that our supply chain and our critical infrastructures are under duress,” “But the hard part comes next, translating all the good ideas into action.”
We are Arlington, a team of innovative, solution-oriented, highly agile, and well-versed professionals with decades of experience in working with America’s defense industry. From emerging cybersecurity regulations to helping our clients solve complex security & compliance solutions – and so much more – you can trust Arlington, the firm that’s Dedicated to Defense®. Learn more at arlingtonintel.com.