Newsroom
White House unveils 'bold new steps' to bolster cybersecurity
The White House announced a new cybersecurity strategy it describes as taking “bold new steps” to protect Americans and strengthen cyberspace capabilities.
“NAFCU looks forward to working with the Administration to realize the President’s strong national cybersecurity vision. Credit unions stand on the front lines of today’s cyber threat environment and maintain a robust cybersecurity posture to protect their members against fraud. This announcement reinforces the need for effective coordination and leadership to strengthen all critical infrastructure sectors and improve resilience against future cyber-attacks,” said Andrew Morris, NAFCU Regulatory Affairs Counsel.
The strategy expands on a May 2017 executive order, titled Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, which helped lay the groundwork for this new policy. The strategy focuses on the following four key “pillars:”
- defending the homeland by protecting networks, systems, functions and data;
- promoting American prosperity by nurturing a secure, thriving digital economy and fostering strong domestic innovation;
- preserving peace and security by strengthening the ability of the United States — in concert with allies and partners — to deter and, if necessary, punish those who use cyber tools for malicious purposes; and
- expanding American influence abroad to extend the key tenets of an open, interoperable, reliable and secure internet.
Speaking at a news briefing, National Security Adviser John Bolton said, "for any nation that's taking cyber activity against the United States, they should expect ... we will respond offensively as well as defensively.” He noted there have been efforts made by countries such as, Russia, Iran, China and North Korea that need to be countered.
The strategy proposes no new requirements for financial institutions or credit unions, which already comply with numerous cybersecurity-related standards under the Gramm-Leach Bliley Act and other agency-specific guidance. NAFCU will continue to ensure that credit union cybersecurity efforts are recognized and not burdened with new or duplicative requirements.
NAFCU attended a briefing on the report following its release last week. The association is a leading advocate for a strong national data security standard and supports an objective, risk-based approach to cybersecurity that grants financial institutions the flexibility to adopt controls based on their own assessments of threats or risk factors.