Every presidential election naturally fuels dialog about our country’s future. For organizational leaders and those in IT security and compliance, the answers will define their priorities—and budget—for the coming years. So what, exactly, should federal legislation and policy prioritize? And what is at stake for the world of IT security?
Potential upcoming legislation includes the creation of a White House National Cybersecurity Director (NCD) to coordinate federal IT security policy, as well as the allocation of more resources to the Cybersecurity and Infrastructure Agency (CISA), which identifies cyber-risks to critical operations.
Additional legislation seeks to prioritize enhancements for public-private partnerships and data sharing, providing resources and guidelines for all levels of government (as well as the private sector) to respond to large-scale cyberattacks, implementing new standards for the IoT (Internet of Things), and regulating IT security measures for cloud computing facilities.
No doubt politicians will have a long list of priorities heading into the new year, but IT security experts know what will matter in the long run. While updating policies and practices will remain an essential element of IT security and regulatory compliance, experts suggest organizations will be better off with a substantial security overhaul to meet the demands facing organizations in 2021.
In With The New
Most promising amid IT security developments for 2021 is the NCD position, designed to integrate IT security strategies across all federal agencies. The NCD would work with CISA, as well as act as a liaison between the government and the private sector, and effectively convey problems and solutions to the decision-makers in digital security.
Moving into 2021, the government also looks to open a channel for intelligence sharing between the private sector and federal security agencies. With a higher volume of information from reliable sources, agencies will be able to quickly determine and combat concerning trends among malicious actors, emergent methods of attack, and other early warnings of potential disaster.
In case you missed it, the IoT is another significant area of consideration for this era of IT security, and experts anticipate additional liability protection will be essential for the increasing connectivity of devices. Congress has the opportunity to establish standards for devices by industry or even functionality—a key consideration when hackers can breach your network via a cell phone or workplace printer.
For CISA, national cyber-risk management looms large. Rolling out support to all levels of government and affected elements of the private sector is no small task, but for now, a good defense is the best offense. Experts highlight the NCD as a potential centralized point of support for these proceedings, but the position’s future is still up in the air.
One thing, however, is for certain: these legislative shifts ensure the private sector will take a more active role in determining IT security for itself and our nation.
When industry leaders and small businesses alike have a say in defining the nation’s IT security attitudes, it’s important to set a standard for your own security.
Every organization is unique, and so are your security needs. BAI Security’s IT security offerings include an array of assessments and audits that are customizable and cost-effective, with cutting-edge methods and best-of-breed scanning tools.
From the public and private sectors, 2021’s proposed security policies understand the importance of hearing every voice—we strive to do the same with our clients.
For a true partner in IT security for 2021 and beyond, contact us today for more information.