What Technology Companies Should Know About the New National Cybersecurity Strategy Announcement

Recently the White House released its new National Cybersecurity Strategy, which outlines several key priorities for enhancing the US’s cybersecurity posture and taking aim at the increasing threat landscape associated with our digital ecosystem. The new Strategy focuses on several key areas, including improving threat detection and response, enhancing the security of critical infrastructure, increasing cyber awareness, promoting the privacy and security of personal data, and developing comprehensive risk management plans.

A significant focus is an industry-wide collaboration to develop enhanced strategies for how US companies allocate roles, responsibilities, and resources toward addressing cybersecurity. The guidance suggests technology companies take the lead on public-private collaboration efforts to elevate security over the technology solutions that are often exploited during cyber-attacks.

Key elements of the new Strategy and considerations that companies should be aware of include:

Increased Responsibility Placed on Software Providers

The Strategy involves shifting the burden of cybersecurity from individuals, small businesses, and local governments and putting responsibility in the hands of software developers and other institutions with the requisite resources and expertise. The Strategy calls for proposing legislation that establishes liability to software makers that fail to take precautions to secure their products and services and, conversely, driving the development of an adaptable, safe harbor framework to protect companies that do securely develop and maintain their software products and services.

As a result, companies should look to explore opportunities to collaborate with government agencies, other technology companies, and advisors to share information and best practices and to develop joint strategies for mitigating cybersecurity risks.

Investment in Cybersecurity Technology

The Strategy also includes an increased focus on incentivizing current and long-term investments in cybersecurity. This includes prioritizing cybersecurity research and development for newer technologies, as well as allocating resources to expand the cybersecurity workforce. Companies in the technology sector should be prepared to invest in innovative technologies like artificial intelligence, machine learning, and blockchain to enhance their cybersecurity defenses. By staying at the forefront of these technologies, companies can better protect their own assets and contribute to the larger cybersecurity ecosystem.

The Strategy also alludes that Federal grant programs will be made available to help companies who place an emphasis on cybersecurity to promote developing new infrastructure that is secure and resilient.

Embrace a Risk-Based Approach to Cybersecurity

The Strategy emphasizes the importance of taking a risk-based approach to cybersecurity. As a best practice, companies should prioritize their cybersecurity investments based on the specific risks that they face. By conducting regular risk assessments and developing tailored risk mitigation strategies, companies can better protect themselves against their most significant threats.

The Strategy also highlights the importance of adopting a zero-trust approach to cybersecurity. This means that companies should assume that all systems and users are potentially compromised and implement strict access controls and monitoring to prevent and detect unauthorized access. Technology companies should also ensure that stringent system development lifecycle (SDLC) controls are in place to protect against vulnerabilities when developing products. This may include implementing enhanced code reviews as part of system development, robust patch management programs, and securing the source code behind software through a combination of network segmentation, use of secure source code repositories, and other risk mitigating controls.

How Centri Can Help

At Centri, our IT risk and cybersecurity advisory services are designed with your greatest assets in mind — your people. We’re here to offer you the support, resources, and expertise you need, exactly when you need it most. Our advisory experts work alongside your senior leadership to help understand your current needs and align them with the right solutions. Please contact us for more information or to explore how our expertise in cybersecurity risk management aligns with the specific needs of your company.

Rich Sowalsky

Managing Director | IT Risk & Cybersecurity Practice Leader | CISA

Rich is a Managing Director at Centri Business Consulting and the leader of the firm’s IT Risk & Cybersecurity Practice. He has more than 14 years of combined experience in internal control consulting, IT risk, cybersecurity advisory, and risk-based internal audits and accounting. View Rich Sowalsky's Full Bio

About Centri Business Consulting, LLC

Centri Business Consulting provides the highest quality advisory consulting services to its clients by being reliable and responsive to their needs. Centri provides companies with the expertise they need to meet their reporting demands. Centri specializes in financial reportinginternal controlstechnical accounting researchvaluationmergers & acquisitions, and tax, CFO and HR advisory services for companies of various sizes and industries. From complex technical accounting transactions to monthly financial reporting, our professionals can offer any organization the specialized expertise and multilayered skillsets to ensure the project is completed timely and accurately.

Philadelphia
Eight Penn Center
1628 JFK Boulevard
Suite 500
Philadelphia, PA 19103
New York City
530 Seventh Avenue
Suite 2201
New York, NY 10018
Raleigh
4509 Creedmoor Rd
Suite 206
Raleigh, NC 27612
Tampa
615 Channelside Drive
Suite 207
Tampa, FL 33602
Atlanta
1175 Peachtree Street NE
Suite 1000
Atlanta, GA 30361
Boston
50 Milk Street
18th Floor
Boston, MA 02109
Tysons Corner
1775 Tysons Blvd
Suite 4131
McLean, VA 22102
Denver
8310 South Valley Highway
3rd Floor
Englewood, CO 80112
Centri Everywhere
1-855-CENTRI1
virtual@CentriConsulting.com

04/23/2024

Bridging the GAAP: April 2024

Centri’s Bridging the GAAP newsletter highlights this month’s news, developments, and emerging issues in the...

Read More

04/22/2024

In Case You Missed It: Centri Cannabis’s Cultivating Business

In case you missed it, join Centri’s Kevin McLaughlin, Partner and Cannabis...

Read More

04/19/2024

Kevin McLaughlin and Maxwell Heller Contribute to Cannabis Business Times: Will Bankruptcy Relief Reach Struggling Cannabis Business?

Centri’s Kevin Mclaughlin, Partner & Cannabis Practice Leader, and Maxwell Heller, Managing...

Read More