On March 2, the White House announced a National Cybersecurity Strategy that seeks to establish “deep and enduring collaboration among stakeholders” as the foundation of securing the digital ecosystem.
On Episode 13 of The Trust Corner podcast, host Elena Kvochko, Chief Trust Officer at SAP, Niall Brennan, Global Security Liaison Officer for SAP’s Global Security organization, and Kevin Richards, Vice President and Head of U.S. Government Relations at SAP, were joined by special guest Sean Newell, Senior Counsel to the Office of the Deputy Attorney General of the United States. During their conversation, they explored the most important provisions proposed in the Strategy and what we can expect to see from the U.S. government as they proceed to implement it.
Overview of the Cybersecurity Strategy
The Cybersecurity Strategy is part of a larger effort by the Biden administration to strengthen our cyber defenses and governance to enable growth in emerging technologies. The Strategy is structured around five pillars, each with strategic objectives: defend critical infrastructure, disrupt and dismantle threat actors, shape market forces to drive security and resilience, invest in a resilient future, and forge international partnerships to pursue shared goals.
“Within those strategic objectives, there is a summary of where the government is on each of these issues, where we want to go, and a very high-level summary of the plan we have to get there,” shared Newell. The goal is that all components of the federal government are growing in the same direction. The next phase is to begin the implementation, led by the Office of the National Cyber Director.
The Need for Collaboration Between Private and Public Sectors
The collaboration between the private and public sectors is a crucial step in the strengthening U.S. cyber defenses. Pillar One of the Strategy addresses this need by including mandating cybersecurity requirements, streamlining regulation, scaling public and private sector collaboration and creating a much more integrated national Cyber Incident Response Plan.
“It’s impossible these days to secure the digital ecosystem unilaterally and protect oneself from all threats,” Brennan stated about the need of the private and public sectors to collaborate. To build a more resilient digital environment, large companies are building relationships with government agencies like CISA and the FBI. SAP, for example, has joined several national level and global level private/public partnerships, including Domestic Security Alliance Council (DSAC) run by the FBI and U.S. Department of Homeland Security, to create a network of companies to collaborate on security issues.
Kevin Richards, who ensures SAP has a seat at the table when government agencies are developing regulations that will impact our business, customers, employees, and partners, stated, “There are a few areas of consensus between industry and government, and the Strategy is a much-needed step towards a clear roadmap for collaboration between agencies and industry partners.” He also mentioned how businesses support the administration’s intent to harmonize new and existing cyber regulations and appreciates the clean and measurable set of goals with ambitious, yet realistic timelines outlined in the Strategy.
Developing the Cyber Workforce
The National Cybersecurity Strategy has provided guidance for the public and private sectors to collaborate in the fight against cybercrime. However, new guidelines and efforts to create a more secure digital environment requires cybersecurity professionals that can enable industry and government to achieve their shared goals. In addition to streamlining the collaboration between government and industry, the Strategy also calls for the development of a national strategy to strengthen the cyber workforce.
This topic is close to the heart of SAP, specifically the Chief Trust Office, which has worked on developing the future cyber workforce since 2021. Highlighting the efforts of the Chief Trust Office in this space, Kvochko said, “My team has worked to develop cybersecurity programs in collaboration with colleges and universities across the country to foster the future talent pipeline and narrow the gap in the cybersecurity workforce.” With the help of the federal government and government agencies in closing the gap in the cyber workforce, securing the digital ecosystem will become a much more achievable goal.
To listen to the full episode of the podcast and learn more about the National Cybersecurity Strategy, click here.