On July 13, 2023, the White House issued the first iteration of its National Cybersecurity Strategy Implementation Plan (the “Implementation Plan”), which will be updated annually. The two overarching goals of the Implementation Plan are to address the need for more capable actors in cyberspace to bear more of the responsibility for cybersecurity and to increase incentives to make investments in long-term resilience. The Implementation Plan is structured around the five pillars laid out in the White House’s National Cybersecurity Strategy earlier this year, namely: (1) defend critical infrastructure; (2) disrupt and dismantle threat actors; (3) shape market forces to drive security and resilience; (4) invest in a resilient future; and (5) forge international partnerships to pursue shared goals. The Implementation Plan identifies strategic objectives and high-impact cybersecurity initiatives under each pillar and designates the federal agency responsible for leading the initiative to meet each objective. The following summarizes some of the key initiatives included in the Implementation Plan that will directly impact critical infrastructure organizations, including healthcare, energy, manufacturing, information technology and financial services.
Establishing and maintaining effective systems to protect sensitive personal data and confidential business information from outside interference while also assuring that privacy interests are protected is among an organization’s highest priorities. Our security and privacy team at Epstein Becker & Green has written extensively about the guidance and best practices issued by federal and state regulatory and enforcement agencies. Execution, monitoring and continually updating these preventive practices define an organization’s first line of defense. But what happens in the event that an organization actually suffers a breach? Is there guidance that might be available, particularly to healthcare organizations, to deal with continuity and disaster planning (BC/DR) directed towards assuring resilience and recovery in the event of a potentially-disastrous cyberattack?
Blog Editors
Recent Updates
- Importance of Negotiating Maintenance, Repair and Replacement Obligations in Health Care Leases
- Unpacking Averages: Assessing the Products Included in FDA's Voluntary Malfunction Summary Reporting Program
- Federal Update on Cannabis Scheduling: Are State Legalized Cannabis Dispensaries to Become Pharmacies?
- HHS Extends the Antidiscrimination Provisions of the Affordable Care Act to Patient Care Decision Support Tools, Including Algorithms
- It’s Been a Long Time Coming – FDA’s Final Rule on Regulation of Laboratory Developed Tests (LDTs) as Medical Devices Has Arrived