Spotlight on External Cybersecurity & Disruption: Biden’s National Cyber Strategy Goes on Offense

Today’s release of the Biden administration’s anticipated National Cybersecurity Strategy is a meaningful leap in a positive direction towards minimizing digital risks for all Americans. As a global cybersecurity innovator and leader in adversary disruption today’s announcement was music to our ears. It’s a strong foundation for growth of the cybersecurity industry, which has been thrust into the forefront of conversations about keeping our nation secure as the definition of security has expanded to include the physical and digital world. 

A clear vision for the future of cybersecurity in this country outlined on paper will enable us to guide conversations and focus, even if all stakeholders agree this will be a journey. The strategy itself says it best – our rapidly evolving (digital) world demands a more intentional, more coordinated, and more well-resourced approach to cyber defense. The time is now for public and private sectors to align on how they can best work together to not only defend ourselves against the evolving nature of cyber threats, but also disrupt the bad actors behind these threats. 

Don’t just defend, disrupt!

The focus on disruption outlined in today’s strategy is something I’m thrilled to see get more attention. It’s no longer enough to have a good cyber defense – all it takes is one tiny misstep for a cybercriminal to take advantage. Prioritizing disruption of threat actors shifts our strategy from reactive to proactive, a subtle yet important change to how Americans view cybersecurity overall. As modern threat actors scale their attack campaigns and become sophisticated enough to dance around traditional defensive security, chasing down detected threats can feel like running in circles. We welcome this approach as an essential part of a well-rounded overall cyber strategy. 

In the last 12 months, ZeroFox has taken more than 110 million disruption actions on behalf of our customers, spanning malicious content and PII removal, social media and domain takedowns, attack infrastructure dismantlement, inline remediations and beyond. Plus, some cyber incidents are out of individual’s or organization’s control, such as third-party data leaks. In a world where there seems to be unfettered access to personally identifying information on most individuals, aka cyber targets, providing a core set of protections for this information is critical, and this strategy correctly establishes that good protection also includes disruption. 

Most notably, the strategy alludes to engaging the private sector in disruption activities. While further public-partnership efforts have long been top of mind in conversations about improving our nation’s cybersecurity posture, working with the private sector to disrupt and dismantle threat actors at scale is a prime example of what a successful partnership could look like. We take personal pride in leading this effort for the United States, organizations, and allies around the world. ZeroFox has significant visibility into attack indicators and potential threats, and can execute quick blocking actions on malicious sites and content – ultimately creating a safer digital ecosystem where attacks are blocked before they happen. Zerofox has been dedicated to disrupting threat actors for over a decade, and we’re excited to partner with the public sector on these important efforts.

What’s next?  

Establishing a national cybersecurity strategy is a crucial milestone in defending our nation against the malicious actors threatening national security and public safety. Up next is implementing this strategy successfully in partnership with the private sector then measuring and maturing the strategy over time which will be the true test of our commitment to creating a more secure digital future for all Americans. We embrace the provisions outlined in the Biden administration’s strategy, and look forward to continuing to partner with government agencies on both a national and international scale to properly address increasing external cyberattacks.