Skip to main content
close search
site logo

US looks to reimagine cybersecurity paradigm with burden shift, rebuilt infrastructure

Security needs to be baked into the technology Americans use every day and not bolted onto aging systems, said Kemba Walden, acting national cyber director.

Published March 24, 2023
David Jones's headshot
Reporter
Kemba Walden, acting national cyber director, rolls out the National Cybersecurity Strategy at a forum by the Center for Strategic and International Studies.
Kemba Walden, acting national cyber director, rolls out the National Cybersecurity Strategy at a forum by the Center for Strategic and International Studies. Permission granted by Office of the National Cyber Director

The Biden administration wants to change the paradigm for how the government and private industry think about the immediate needs and long-term technology infrastructure requirements for the U.S., according to the president’s top advisor on cybersecurity. 

The national cybersecurity strategy calls for two fundamental shifts in how the U.S. allocates roles, responsibilities and resources in the sector, Acting National Cybersecurity Director Kemba Walden told House members on Thursday. 

The U.S. needs to rebalance the responsibility for managing cyber risk so the burden doesn’t fall on the least capable members of society, according to Walden. Currently, the responsibility for cybersecurity falls on individuals, small businesses and local governments, Walden said. 

“Instead the biggest, most capable and best-positioned actors in our digital ecosystem can and should shoulder a greater share of the burden for managing cyber risk and keeping us all safe,” Walden testified Thursday before the House Subcommittee on Cybersecurity, Information Technology and Government Innovation.  

The U.S. economy and wider society also needs to incentivize investments that make cyberspace more resilient and defensible long term, Walden said. 

Security needs to be baked into the technology Americans use every day, Walden said, and not bolted onto aging systems that are vulnerable to malicious attacks. 

Among the important aspects of burden shifting is to make sure small- and medium-sized businesses do not bear the brunt of cybersecurity risk. Walden confirmed the U.S. is considering a federal backstop for cyber insurance coverage. 

Walden compared the risk concerns to flood insurance, which has been a growing risk in terms of protecting U.S. businesses and individual residents across the country. Most homeowners insurance policies do not cover flood damage, however the federal government offers a flood insurance program through FEMA. 

The goal with a potential cyber insurance backstop would be to protect SMBs from bearing the full cost of a breach, while making sure those systems are resilient. 

Officials have already begun work to raise minimum standards for critical infrastructure providers, but the administration does not want to overburden any one particular sector with regulations. 

As previously reported, the Securities and Exchange Commission and the Environmental Protection Agency have separately announced proposed changes to raise minimum cybersecurity standards for financial industry participants and drinking water providers. 

Filed Under: Policy & Regulation

Editors' picks

Company Announcements

View all | Post a press release
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
Editors' picks
Latest in Policy & Regulation
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell