No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Cybersecurity

A National Cybersecurity Strategy Is Coming. Are You Prepared?

Upcoming policy illustrates that government is taking cyber threat seriously

by FTI Consulting
November 2, 2022
in Cybersecurity, Opinion
us cyber security_n

We don’t know exactly what will be in the upcoming national cybersecurity strategy. But, as FTI Consulting’s Anthony J. Ferrante explains, the policy will almost certainly be an improvement on the status quo.

National Cyber Director Chris Inglis has said the Biden Administration plans to release a national cybersecurity strategy this year, perhaps as early as the end of this month. The strategy, and the corresponding efforts of Inglis, aim to “more forcefully use government power in the cyber arena,” according to reports.

Without seeing the actual proposed policy, whether this explicitly means expanded government oversight related to cybersecurity protections of the nation, an increased regulatory response — or both — is not yet clear. Regardless, it can be expected that the desires of the U.S. government and President Joe Biden are to take the genuine cybersecurity threat more seriously and offer a more active role in helping organizations, both in the public and private space, combat cyber attacks.

What this means for organizations

  1. Industry tends to follow government guidance. Even if Inglis’ strategy does not directly impact specific industries, it is likely that the private sector will look to introduce similar standards. This may not happen immediately, but it would be wise for organizations across all industries to anticipate increased expectations for their cybersecurity preparedness programs. Instead of waiting to see what happens, organizations should work to get ahead of potential demands.
  2. Ignorance is not an acceptable excuse. If an organization lacks basic cybersecurity controls needed to protect critical assets — customer information, intellectual property, etc. — then they can be held responsible for any resulting damages. The expectation from the government and the public is that organizations are doing everything in their power to mitigate cyber risk.
  3. Audits and requirements will increase. Increased government oversight and involvement likely means additional audits, new compliance requirements and baseline standards. In preparation, organizations should evaluate their cybersecurity processes and programs to identify gaps and vulnerabilities. This will reduce potential government penalties and better position organizations to deter and respond to cyber attacks.
  4. Meeting demands will be challenging. The national cybersecurity strategy is expected to be “tough” and demanding. Without a dedicated team and plan of attack for assessing and improving programs and processes, organizations will be faced with answering challenging questions from regulators, stakeholders and customers, negatively impacting their viability and reputation.

Potential outcomes

Ultimately, a national cybersecurity strategy is a positive development. In theory, increased supervision and participation from the government will keep organizations honest about their cybersecurity efforts and hold them responsible for their protective measures. This should also have the corresponding effect of making organizations more resilient to attacks, which would positively impact larger cybersecurity issues, like reducing successful ransomware campaigns. 

However, none of this is achievable or possible without genuine government involvement. Industry cannot combat cyber threats alone. A partnership with the government, which comes with additional resources and legal authority, is essential to mitigate risks from sophisticated threat actors and powerful nation-states.

Equally as important to the success of government collaboration is that this relationship must not become a hindrance. Instead, a cooperative in which intelligence is shared and resources are pooled is vital. Otherwise, Inglis’ plans to “more forcefully use government power” will become a deterrent, where organizations are more focused on compliance and avoiding penalties and less on becoming resilient to attack.


Tags: Cyber Risk
Previous Post

Why Our Best Employees Don’t Speak Up

Next Post

How to De-Stress Budgeting for Your Compliance Program

FTI Consulting

FTI Consulting

Related Posts

risk tunnel

From Regulation to Volume, There Is No Light at the End of the Data Privacy Tunnel

by Jim DeLoach
March 15, 2023

Data proliferation and data privacy regulatory activity across the globe have created the need for focused boardroom discussions. An underpinning...

cisa website

What Can Your Organization Learn From the New CISA Strategic Plan?

by FTI Consulting
January 11, 2023

Cyber threats against organizations of all sizes are only rising as scammers and fraudsters become more and more sophisticated. Kyung...

data minimization practices_w

Ransomware Threats Are Growing. How Can Boards Protect Mission-Critical Assets?

by Jim DeLoach
December 14, 2022

As the sophistication level of cyber attackers continues to rise, there’s probably not a business on Earth that isn’t at...

dirty words

For Cybersecurity Teams, ‘Audit’ Doesn’t Have to Be a Dirty Word.

by Troy Fine
December 7, 2022

Let’s face it: Nobody wants to be audited. For the average Joe, an IRS audit is a hassle (at best)....

Next Post
budgeting compliance_n

How to De-Stress Budgeting for Your Compliance Program

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT