White House cybersecurity strategy pivots to regulation

The White House has unveiled a national cybersecurity strategy calling for comprehensive regulation of the nation's vital services, acknowledging in a 38-page blueprint that reliance on voluntary cybersecurity measures has stopped short of preventing billions in economic losses following a spike in ransomware attacks, as well as "inadequate and inconsistent outcomes" across critical infrastructure like energy pipelines, food companies, schools and hospitals.

The new framework, led by the Office of the National Cyber Director in the White House, calls out China, Russia, Iran and North Korea for aggressive cyber tactics exhibiting "reckless disregard for the rule of law" and elevates ransomware attacks, such as the 2021 Russia-linked offensive on Colonial Pipeline, to issues of national security.

"For government, we have a duty to the American people to double down on tools that only government can wield — including the law enforcement and military authorities — to disrupt malicious cyber activity and pursue their perpetrators," Acting National Cyber Director Kemba Walden said during a briefing with reporters this week.