What’s new in the updated 2024 White House National Cybersecurity Strategy (NCS)—and what does your organization need to know to stay aligned?
The updated NCS includes 100 federal initiatives—up from 69 in 2023—with 31 new initiatives to address emerging threats and realign “incentives to favor long-term investments in cybersecurity and resilience.” The updated strategy also aims to bolster critical infrastructures, with an increased emphasis on sector-specific cybersecurity measures for healthcare, education, and public works infrastructures such as wastewater systems.
With so many fronts in the war against cybercrime, it can be easy to overlook that the most important one will almost always be in your own data center. Let’s unpack the NCS and what you can do to leverage its guidance and support.
New Threats Require New Defenses
Many of the report’s objectives are in response to technologies that could prove to be double-edged swords in the wrong hands:
- Artificial intelligence, with tools like WormGPT just scratching the surface of what AI will do in the wrong hands.
- Quantum computing, with “the potential to break some of the most ubiquitous encryption standards deployed today.” By Q3 FY25, the National Security Agency (NSA) aims to “prioritize the transition of vulnerable public networks and systems to quantum-resistant cryptography-based environments and develop complementary mitigation strategies to provide cryptographic agility in the face of unknown future risks.”
- IoT devices, which will be subject to a voluntary cybersecurity labeling program to develop the “smart grid of the future” and incentivize manufacturers to meet higher cybersecurity standards.
- Smart, connected digital supply chains. One initiative includes providing access to and use of supply chain risk assessment tools along with professional analytic support services to identify, assess, mitigate, and monitor supply chain risks.
The strategy also addresses ransomware further, promising global collaborations to dismantle ransomware and state-sponsored cyber espionage.
An Important Spotlight on Critical Public Infrastructure
The pipeline disruption of 2021 taught us a valuable lesson: Taking out one critical infrastructure provider can have a devastating ripple effect. The first pillar of the 2024 strategy includes new mandates that infrastructure providers must meet a baseline of cybersecurity standards—including water, power grids, rail, and pipelines.
These will come from a second development of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) that will be refined and improved to keep pace with technology and threat trends, integrate lessons learned, and make best practices common practice.
Even if your organization is not among those in the public sector, it’s an approach worth emulating. Now is the time to be vigilant and take steps to protect the digital assets most important to your business.
Key Pillars and Objectives to Note
Pillar 1: Defend Critical Infrastructure
Critical infrastructure has been making headlines in cybersecurity—including aviation, rail, oil and gas, waste and water, and energy, plus their third-party providers. It’s a priority in the NCS, which will require mandatory compliance with updated frameworks from NIST, the Cybersecurity and Infrastructure Security Agency (CISA), and more. Close public-private collaboration is a primary objective of this pillar, designed to drive the development and adoption of software and hardware that is secure by design and secure by default.
Called out in the priorities are:
- Collaboration with software, hardware, and managed service providers to help reshape the cyber landscape to bolster security and resilience. That includes enforcing secure-by-design principles—developing products to be secure from the ground up.
- Resilience, recoverability, and availability/safe failover of key systems and services in this sector—something that can be accomplished with a tiered backup architecture. (More on this below.)
- Compliance of all third-party vendors and providers. You’re only as secure as your weakest link.
Pillar 2: Disrupt and Dismantle Threat Actors
The administration has vowed to use “all instruments of national power,” including adversarial takedown and disruption campaigns that target malicious actors. The strategy specifically calls out:
- Discouraging companies from paying the ransom—which requires you to have a resilient architecture with secure backups as a component to make paying ransoms a moot point
- Improved bidirectional intelligence sharing—in which CISA can share warnings and give private organizations means to share classified threats through “hubs” for more organized reporting efforts
This is encouraging, but organizations themselves also need to stay on the offensive, not just the defensive. This comes from knowing who attackers are and what they’re after, and from having total visibility into a data estate with advanced anomaly detection. To do your part, you’ll want fast, accurate, accessible security logs, SIEM with powerful underlying storage technologies so ingest is never a bottleneck, and backup plans for the forensic process.
Pillar 3: Shape Market Forces to Drive Security and Resilience
A key theme in the strategy is reducing the onus on individuals and small businesses as the attack surface area continues to expand with third-party providers and software as a service. Enforcing more and better data compliance and privacy policies will help hold “sellers of software and hardware liable if they fail to employ recognized security development practices.”
To incentivize security and resiliency, the NCS aims to hold organizations more accountable for data security by enforcing:
- Protection of sensitive personal data by limiting collection and use. It’s a good time to check in on your compliance best practices.
- Liability for vulnerabilities in software
- Required compliance of any federal vendors (e.g., FIPS or SOC 2 Type II)
The cyber insurance “backstop” fund to help with catastrophic security events remains a strategic objective under this pillar.
Pillar 4: Invest in a Resilient Future
It’s the fourth pillar, but the most important in my opinion—and the most actionable. The federal aim is to “[lead] the world in securing resilient next-generation technologies and infrastructure through strategic investments and coordinated, collaborative action.” That includes new initiatives to address Border Gateway Protocol (BGP) and Internet Protocol version 6 (IPv6) security gaps. According to the strategy, investing in resilience means:
- Reducing vulnerabilities in foundational technology—including critical infrastructure such as storage, which should be capable of tiered backups, SLA-based recovery guarantees, immutable snapshots, and fast recovery times.
- Strengthening and securing the open source software ecosystem to reduce vulnerabilities from third-party software providers.
- Digital identity solutions with the “right” controls to limit or prevent compromise from non-human identities and accounts.
- Deploying a clean energy infrastructure to build in another layer of resilience from increasing energy costs and outages—in line with government decarbonization goals. This begins in the data center.
- Quantum-resistant cryptography with post-quantum algorithms.
This adds up to one critical concept: a tiered resilience architecture. A resilience architecture can protect your entire data estate, which I outlined in this article. It’s the best way to have every chance at recovering after a security event.
Pillar 5: Forge International Partnerships to Pursue Shared Goals
Collaboration and communication are vital to shrink attack surface areas, counter threats, secure global supply chains, and support one another after an attack. The National Telecommunications and Information Administration has invested over $140 million from the Public Wireless Supply Chain Innovation Fund to help strengthen global supply chain resilience and lower costs for consumers and network operators.
While the government works to promote “responsible state behavior” and give allies their best shot at cybersecurity resilience, the fact remains that organizations will be a target as long as they’re in operation. For you, this means staying diligent and preparing for a worst-case scenario. At Pure Storage, we help customers not only prepare for the worst but also recover from it in record time.
How Can You Stay Ready? Proven, Layered Cyber Resiliency on the Pure Storage Data Platform
At Pure Storage, we share these priorities and are continually innovating and evolving to keep our customers on the cutting edge of cyber resilience and security. Our recently announced SLAs and AI-powered security and cyber resilience capabilities give our customers a clear advantage in the ongoing war on cybercrime.
Where to start? The most effective way to stay resilient is with a tiered resilience architecture built on a unified data platform like Pure Storage. This can allow your business to recover in minutes versus hours or days.
- Tier 1: Primary, mission-critical data and secure backups. Store applications critical to operations and three to seven days of SafeMode™ Snapshots.
- Tier 2: Affordable second-tier data, snapshot archives, and forensic data. Maintain offloaded Tier 1 snapshots affordably (preferably 6-12 months) and data required for forensics after an attack, and keep a replica archive for “longer-term” storage (6-12 months—or longer, if possible).
- Tier 3: Fast backup tier. This tier is for extreme scenarios and long-term retention for compliance or applications that don’t warrant snapshots.
- Tier 4: A one-way data bunker. For large-scale disasters, data bunkers are highly secure and provide extra, optional disaster recovery sites behind primary and secondary backup sites. You could store years of data at the Tier 4 layer.
Even so, it’s a matter of when, not if. Discover more about our newly updated cyber recovery SLA in Evergreen//One™ that includes next business day shipping of clean recovery array(s) so you have a clean environment to recover to after a cyber event.*
We all have an important role to play in the war against cybercriminals. Pure Storage offers the ultimate peace of mind in this evolving landscape.
*If shipping to North America, Europe, or the UK. For Asia-Pacific, it will be 48 hours.