WASHINGTON D.C.— National Cyber Director Chris Inglis is expected to release the Biden administration’s first comprehensive national cybersecurity strategy in the coming days, a document that many expect will meet industry pushback as it could expand the government’s role in protecting the nation’s digital infrastructure.
As supply chain attacks continue to increase, securing the supply chain is at the forefront of lawmakers’ minds. U.S. President Joe Biden issued an executive order earlier this year that directed the National Institute of Standards and Technology to create guidance “identifying practices that enhance the security of the software supply chain,” and the U.K.’s National Cyber Security Centre (NCSC) has issued guidance on how organizations can better assess their supply chain security. But securing the software supply chain is a complicated beast, as it requires companies to know exactly where their software is coming from, and who had a part in creating it.
The Biden administration issued its national security strategy last Wednesday, clearing the way for the imminent release of Inglis’s document. The strategy will be the first since the Trump administration released its national cybersecurity strategy in 2018. Early reports suggest that the strategy is far more demanding of industry than previous efforts, with one source telling CyberScoop in July that Inglis plans to “more forcefully use government power in the cyber arena.”
Inglis said the strategy was drafted with the idea that cybersecurity regulation needs to go a “bit further, as we have for cars.” He said the strategy is meant to convey an “affirmative intentionality.”