The White House’s Office of the National Cyber Director (ONCD) released its National Cybersecurity Strategy Implementation Plan (NCSIP) today, putting 18 agencies on the hook for 69 “high-impact” initiatives to be completed between now and fiscal year (FY) 2026.
The implementation plan helps put into motion the National Cybersecurity Strategy released by the Biden-Harris administration on March 2.
“If the strategy represents the president’s vision for the future, then this implementation plan is the roadmap to get there,” Acting National Cyber Director (NCD) Kemba Walden said during a press briefing with reporters prior to the implementation plan’s release today.
Walden referred to Biden’s NCS as a “bold vision for the future of cyberspace,” and the implementation plan as a way “to make that vision a reality.”
The NCSIP details more than 65 high-impact Federal initiatives, from protecting American jobs by combatting cybercrimes to building a skilled cyber workforce equipped to excel in the increasingly digital economy.
Each initiative in the plan is assigned to a responsible agency and has a timeline for completion. ONCD worked closely with the agencies to establish these deadlines, and expects “full collaboration” amongst the cyber community to meet the required time stamps on the document.
Walden noted that while the implementation plan was just released today, it is “already well underway across the administration.” Several initiatives, such as the issuance of the administration’s cybersecurity priorities for the FY 2025 budget, have already been completed ahead of schedule, the acting head of ONCD said.
“The implementation plan is a living document,” Walden explained. “The National Cybersecurity strategy is meant to be enduring and is crafted to guide policy across the decisive decade in which we find ourselves. The implementation plan, on the other hand, will evolve whether in response to changing threat landscape, or as initiatives are completed and we get follow-on actions.”
“Therefore, next year you can expect to see version 2.0 of this plan, and after that the plan will continue to be updated annually,” Walden added.
The acting NCD admitted that the NCSIP does not envelop all the cybersecurity activities in the Federal government, and said it is not intended to.
“What it does do is capture key initiatives that we must get done in the near term on the path to achieving the president’s vision,” Walden said.
This accomplishment, she said, will not be possible without a “whole-of-society” approach.
“The administration has made clear that collaboration is critical to the success of the strategy, and we will solicit feedback from civil society, academia, state, local, Tribal, and territorial governments, and industry to what’s working and what we can improve on,” Walden said.
She said she hopes people use the plan to understand where they can interact with the Federal government and “on what activities that they will engage with us in a dialogue as we continue to iterate on the process.”
Walden also mentioned that her team is “nearing completion” of its National Cyber Workforce and Education Strategy that aims to address the significant gaps in qualified cyber personnel that continues to face both public and private sectors.
“We are rounding the corner on having a completed National Cyber Workforce and Education Strategy, which we hope to disclose soon after we disclose the implementation plan,” Walden continued. “It should cover the short-term needs for a cyber workforce, as well as strategic investments that we need to make in the education system and reskilling and upskilling in digital competency across the spectrum. So, look forward to seeing that soon.”
