Devin Partida writes about cyber security and technology. She is also the Editor-in-Chief of ReHack.com.
Cyber security is a pressing issue for the US, endangering the private sector and government alike. Historically, the nation hasn’t had an impressive security record either, with federal agencies reporting 35,277 cyber incidents in 2017 alone. In light of this pressing issue, businesses and government agencies have taken several steps to improve cyber security in the US.
As global cyber crime rates and the threat of state-sponsored cyber attacks rise, it’s become increasingly critical to secure the country’s digital infrastructure. Here are five ways the US is attempting to do so.
1. Creating the Cybersecurity and Infrastructure Security Agency (CISA)
Perhaps the most significant step the country has taken toward better cyber security was the creation of CISA in 2018. It serves as the nation’s primary cyber security resource. CISA works to safeguard the government’s digital systems and provide training and certification for private citizens and businesses.
Cyber security is now a matter of national security, with state-sponsored hacks becoming more common around the globe. A government agency focused on cyber defenses was a necessary step in protection. If CISA lives up to its mission statement, it’ll equip the US with the resources it needs to stay safe from various cyber threats.
2. Raising security standards for government contractors
Given the rising threat of cyber attacks on the government, the nation needs to restrict contractors’ and partners’ access. The Department of Defense (DoD) did just that, enacting the Cybersecurity Maturity Model Certification (CMMC) in late 2020. This program requires the DoD’s more than 300,000 contractors to meet new security standards.
CMMC involves five levels of certification, requiring higher ones for work involving more sensitive data. These standards will help reduce the risk of a data breach from companies working with the government.
3. Offering free learning resources
The first step toward better cyber security is knowledge. Without an understanding of cyber threats and how to prevent them, businesses and individuals won’t be able to stay safe for long. To combat this, the Department of Homeland Security established the Federal Virtual Training Environment (FedVTE).
The FedVTE offers cyber security courses across all proficiency levels for free to anyone who wants to access them. Businesses and individuals in all circumstances can access these resources and become better cyber security stewards. Since human error is behind as much as 90% of data breaches, this learning platform is a crucial security measure.
4. Establishing a public-private partnership
While the government is responsible for national cyber security, most threats and innovations arise from the private sector. As a result, partnerships between government agencies and private cyber security firms are essential. CISA has recognized this need and established alliances and information-sharing programs to enable this collaboration.
The private sector owns roughly 85% of the nation’s critical infrastructure, so these partnerships are crucial. If there were too many barriers between these companies and the government, it could lead to poor security standards and catastrophic cyber attacks.
5. Enacting state cyber security legislation
Not all of the US’s steps toward better cyber security are happening at a federal level. As cyber crime and data security becomes a more pressing issue, several states have enacted cyber security legislation. In 2020 alone, 38 of them at least considered laws governing cyber security.
Standouts among these include California’s SB-327, the first IoT security law in the nation. As more states adopt these policies, national cyber security will reach new heights.
The US has made significant strides, but there’s still room for improvement
Over the past few years, the US has started to take cyber security seriously at a national level. It’s still far from perfect, but these recent developments are promising. If the country can continue to pursue cyber security this fervently, all of its citizens will be safer for it.