Biden Administration to invest $65B in national cybersecurity strategy

Editor's Note

The Biden Administration on March 2 released a National Cybersecurity Strategy that includes a comprehensive approach to accomplish the following: “strengthen collaboration with stakeholders to defend critical infrastructure; disrupt and dismantle threat actors; shape market forces to drive security and resilience; invest in a resilient future; and forge international partnerships to pursue shared goals,” the American Hospital Association (AHA) March 2 reports.  

According to the release, the federal government will invest $65 billion on this strategy, under the Bipartisan Infrastructure Law. According to AHA, the Office of the National Cyber Director is coordinating the strategy, which also seeks to shift responsibility for cybersecurity “from the end user to the owners and operators of data systems,” as well as “realign incentives to favor long-term investments in security, resilience, and promising new technologies.”

“Since 2020, the AHA has urged the federal government to adopt policies similar to those used in the fight against terrorism,” said John Riggi, AHA’s national advisor for cybersecurity and risk after the strategy’s release. “We are pleased that the strategy includes several important ideas such as declaring ransomware attacks as a national security threat; conducting more offensive operations against cyberthreat actors; and implementing software security requirements for software developers.”

The release of this plan comes in the heels of a BankInfoSecurity report, in which the FBI indicates that healthcare is the industry that suffered more ransomware attacks than any other in 2022, “though the agency may have helped stop more,” according to Becker’s Health IT February 28. The Becker's article also mentions how the FBI prevented two potential ransomware attacks on hospitals: Boston Children's Hospital in 2021 and a hospital in an Omaha, Nebraska in 2022.