The National Cyber Strategy Implementation Plan (NCSIP) has included a new sixth element that focuses on Implementation-wide Initiatives. This addition aims to ensure progress in implementing the strategy, learn from previous implementation experiences, and align budgetary guidance with the strategy’s objectives.
Under the NCSIP, each initiative is assigned to a responsible agency, with other contributing agencies identified where necessary, and completion dates set for each initiative. The majority of these initiatives are scheduled for completion in 2024, while some have deadlines throughout 2025.
For instance, one of the initiatives falls under the first pillar of the strategy, which is to Defend Critical Infrastructure. The specific objective is to Establish Cybersecurity Requirements to Support National Security and Public Safety. In order to accomplish this objective, the Office of the National Cyber Director (ONCD), in coordination with the Office of Management and Budget (OMB), will collaborate with regulators to identify opportunities for harmonizing baseline cybersecurity requirements for critical infrastructure. The ONCD is responsible for this initiative, with the Federal Communications Commission (FCC) and OMB designated as contributing entities. The completion date for this initiative is the first quarter of the fiscal year 2024.
The NCSIP aims to build upon existing efforts and processes related to cybersecurity that are already in motion within the U.S. government. While many previous cybersecurity strategies have been developed in the past, the implementation of these strategies has often been a challenge. The NCSIP aims to address this issue by providing a concrete plan with practical goals that can be achieved. This approach is expected to encourage collaboration and movement within the government.
According to Chris Painter, the president of the Global Forum for Cyber Excellence Foundation Board and a former government official, the NCSIP’s emphasis on practical goals and implementation is crucial for progress. He suggests that previous strategies were often aspirational documents without clear execution plans. Having a plan with specific goals is essential to encourage action and collaboration.
The inclusion of the sixth section in the NCSIP that focuses on funding agencies is critical for the successful execution of the strategy. This section ensures that resources are allocated and budgets are aligned to support the objectives outlined in the strategy. Without sufficient resources, implementing a cybersecurity strategy would be merely a theoretical exercise.
In conclusion, the NCSIP introduces a new element that emphasizes Implementation-wide Initiatives, ensuring progress, learning from implementation experiences, and aligning budgetary guidance with strategy implementation. The plan assigns responsibilities to specific agencies, sets completion dates for each initiative, and aims to build upon existing cybersecurity efforts. The practical goals outlined in the NCSIP are expected to drive collaboration and movement within the government. Furthermore, the inclusion of funding agencies in the plan ensures that resources are allocated to support the strategy’s objectives.