Security News > 2023 > July > Commentary on the Implementation Plan for the 2023 US National Cybersecurity Strategy
The Atlantic Council released a detailed commentary on the White House's new "Implementation Plan for the 2023 US National Cybersecurity Strategy." Lots of interesting bits.
First, the plan contains a more concrete list of actions than its parent strategy, with useful delineation of lead and supporting agencies, as well as timelines aplenty.
Open-source software and support for energy-sector cybersecurity receive considerable focus, and there is a greater budgetary push on both technology modernization and cybersecurity research.
Many of the strategy's most difficult and revolutionary goals-holding data stewards accountable through privacy legislation, finally implementing a working digital identity solution, patching gaps in regulatory frameworks for cloud risk, and implementing a regime for software cybersecurity liability-have been pared down or omitted entirely.
There is an unnerving absence of "Incentive-shifting-focused" actions, one of the most significant overarching objectives from the initial strategy.
Third, many of the implementation plan's goals have timelines stretching into 2025.