The Biden-Harris administration today launched its National Cybersecurity Strategy, shifting the focus from protecting the nation’s cyberspace to software developers and service providers. They also recognized the importance of public private sector cooperation in protecting the country from cyber threats.

The White House stated, “We must rebalance the duty to defend cyberspace by transferring the responsibility for cybersecurity away from people, small enterprises, and local governments and onto the organizations that are most capable and best-positioned to lower threats for all of us.”

The Biden-Harris administration today unveiled its national cybersecurity policy, which aims to put more of the responsibility for protecting the nation’s online infrastructure on software developers and service providers.

Washington’s new cybersecurity defense strategy also recognizes that cooperation between the public and commercial sectors, as well as with allies and partners abroad, is crucial to protecting the country from cyber threats.

The White House stated today, “We must rebalance the duty to defend cyberspace by transferring the cost for cybersecurity away from people, small enterprises, and local governments, and onto the institutions that are most capable and best-positioned to lower threats for all of us.

In order to transform the cyber landscape in favor of improved security and resilience, the federal government will also intensify operational and strategic engagement with software, hardware, and managed service providers, according to a statement.

Its main goals are to protect U.S. vital infrastructure, stop malevolent threat actors from jeopardizing U.S. interests, make strategic investments to create a more secure digital ecosystem, and form global alliances to accomplish shared objectives.

Other noteworthy proposals include more aggressive campaigns to render state-backed/financially motivated malicious activity unprofitable and ineffective and making sure that U.S. infrastructure is no longer used in attacks targeting organizations in the United States, in addition to focusing on shifting liability for security failures to software companies.

The Biden-Harris administration stated that disruption efforts must become so persistent and focused that criminal cyber activity is rendered unprofitable and foreign government actors engaging in harmful cyber activity no longer view it as an effective way to achieve their aims.

To make it harder for enemies to misuse U.S.-based infrastructure while protecting individual privacy, “all service providers must undertake reasonable efforts to secure the use of their infrastructure against abuse or other criminal activities.”

The updated policy also emphasizes the serious threat posed by ransomware, emphasizing how the administration “strongly opposes the payment of ransoms,” and vows to keep going after ransomware gangs operating out of safe havens like Russia, North Korea, and Iran.

“Criminal syndicates cyber operations today pose a threat to the national security, public safety, and economic prosperity of the United States and its friends and partners,” the government added.

“Total economic losses from ransomware attacks have reached billions of dollars annually,” according to the report.

Top national security threats to the United States are considered to be China and Russia.

According to the administration, China and Russia are the most active and hostile nations responsible for harmful behavior aimed at critical U.S. infrastructure and assets.

“Over the last ten years, [China] has expanded cyber operations beyond intellectual property theft to become our most advanced strategic opponent with the capacity to damage U.S. interests and dominate emerging technologies crucial to global development,” the strategy states.

“Russia is a chronic cyber danger as it develops its cyber espionage, assault, influence, and disinformation capabilities to coerce sovereign countries, harbor transnational criminal actors, erode U.S. alliances and partnerships, and destabilize the rules-based international system,” the National Security Agency said in a statement.

The Office of National Cyber Director (ONCD), in collaboration with the Office of Management and Budget (OMB), and with the guidance of the National Security Council, will coordinate the efforts to implement this new cybersecurity policy (NSC).

They will showcase the success of the approach in yearly reports to the President and the U.S. Congress. In order to ensure that its objectives are met, they will also offer federal agencies yearly advice on cybersecurity budget priorities.