Inglis: Hundreds of gov’t, business orgs consulted for national cyber strategy
National Cyber Director Chris Inglis said on Wednesday his office is hard at work on a new national cybersecurity strategy and has already gotten feedback on the document from more than 300 organizations within the U.S. government and private sector.
Speaking at the Billington Cybersecurity Summit in Washington, D.C., Inglis told the audience that the White House has been collaborating on the effort with the National Security Council, the Cybersecurity and Infrastructure Security Agency, FBI and a “broad range of federal agencies and departments.”
Inglis explained that the document, which is reportedly expected to be released at the end of September, will incorporate many voices and noted that more than two-thirds of the organizations who have contributed are from the private sector.
“It will talk about cyber in the context of why we care about it, not for its own sake but so that we can do the functions dependent upon that, be they personal, business, national security or perhaps societal aspirations,” he told the audience.
The first national cybersecurity strategy was released in 2018 under the Trump administration but faced backlash from experts for its focus on offensive cyber operations.
CyberScoop reported in July that White House officials want the new federal strategy to center around aggressively defending the country’s critical infrastructure and pushing the private sector to protect critical networks.
The document will also outline the costs and investments required to deliver “resilience by design.”
“We have to be willing to pay the cost necessary to have confidence in this space, in the same way we have done for other systems of interest. We might not draw specific analogies to the transportation system or the drug and therapeutic systems that we benefit from, but those are great analogies to lift and shift into this space,” he said.
“We at some point came to understand how critical they were to our daily life and the critical functions, the health and safety that we want to have in our lives. We therefore were prepared to make the investments and what then resulted was something that was a shared responsibility, not the responsibility of one party alone.”
Inglis, a former NSA deputy director, and the Office of National Cyber Director (ONCD) were chosen to spearhead the strategy by White House National Security Advisor Jake Sullivan, according to internal documents from May seen by Politico.
Sullivan told agencies in a memo that it will focus "on cybersecurity here at home, while reflecting international dependencies.”
Deputy National Cyber Director for Strategy and Budget Rob Knake has led the effort alongside Harry Krejsa, acting assistant national cyber director for strategy and research, and Matthew Ferren, cyber policy adviser for ONCD, according to CyberScoop.
I am also thrilled to have Neal Higgins and Rob Knake on board. They have already proven to be invaluable members of our senior leadership, and I am grateful for their service.
— Chris Inglis (@ncdinglis) May 10, 2022
Officials said several working groups will tackle a variety of topics within the document, including cybersecurity hiring needs, information sharing, federal IT defense efforts and private sector collaboration.
The ONCD, which was established in 2021 through the National Defense Authorization Act, has quickly built out a staff since Inglis was sworn in to lead it last July. He was authorized by Congress to hire up to 75 staffers, according to Politico.
On Wednesday, Inglis stressed that the national cybersecurity strategy is a team effort involving dozens of stakeholders inside and outside of his office.
“I think those are the things you’ll see in our, and I mean that in the biggest possible sense, national cybersecurity strategy,” he said.
Jonathan Greig
is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.