Recapping the National Cybersecurity Strategy One Year Out

Camille Stewart Gloster, co-founder of #ShareTheMicInCyber, sat down for a public fireside chat with Politico Cybersecurity Report Maggie Miller to talk about her achievements as Deputy National Cyber Director of Technology & Ecosystem at the Office of the National Cyber Director, and her thoughts on the impacts of the 2024 presidential election on progress towards the National Cybersecurity Strategy and National Cyber Workforce and Education Strategy. Below are the top 5 takeaways from the conversation.

You can watch the recording of the event on New America's YouTube channel.

The collaboration between the public and private sector has been a crucial component of successful strategy implementation.

One key component to implementing the National Cybersecurity Strategy and the National Cyber Workforce and Education Strategy was a strong relationship between government and private sector, and their commitment to working in collaboration with each other. Camille noted how policy conversations and planning have become richer as a result because policy is now directly applicable to industry. This has been particularly prominent when it comes to understanding artificial intelligence, how to harness its benefits, and what guardrails are necessary to guide sustainable innovation. Particularly with critical infrastructure, which is majority privately-owned, the coordination and targeted support by the Cybersecurity and Infrastructure Security Agency (CISA) has been crucial to safeguarding American residents from disruptive cyberattacks.

The federal government has already begun preparing for a wave of emerging technologies by laying the groundwork and planning for the future.

AI has transformed a number of areas across cybersecurity and technology, including the work of cybersecurity professionals, but it has not changed the nature of the workforce strategy, Camille says. Pertaining to cyber workforce development, the focus has not only been getting professionals into the career pipeline, but it's also incentivizing employers to invest in upskilling their current talent. Generative AI has been a high priority for the ONCD and other agencies, Camille also points out that there are several other areas that the government is actively learning about and preparing for. She emphasized that the ONCD has been focused on preparing for Web 3.0 and quantum computing by learning from private partners while simultaneously advocating for increased investments in the workforce.

The National Cyber Strategy, as a guiding document, benefits from the strategy work of other agencies across the federal government.

After this conversation, on May 6th the State Department released a long-anticipated strategy guiding cyber diplomacy, a welcome addition to the myriad of other cybersecurity-related strategies across other agencies. Shortly before the release of the cyber diplomacy strategy, Camille stated that she hopes the upcoming strategy will be able to fill in the gaps that the National Cybersecurity Strategy was unable to address, particularly engaging global partners. She notes that the U.S. can benefit from learning about innovations from Latin America, the Caribbean, and Africa, particularly how they've managed the rise of AI, while also contributing to bolstering their international partners' cybersecurity and critical infrastructure.

There have been marked shifts towards skills-based cybersecurity hiring

On April 29, President Biden announced a federal government shift towards skills-based hiring for cybersecurity and technology roles. This is a welcomed pivot away from the practice of degree-based hiring and a practice outlined in the Cyber Workforce and Education Strategy. By focused on skills-based hiring, it widens the pool of talent to include candidates who opted out of the traditional 4-year degree program. Skills-based hiring also increases the resiliency of the cyber workforce by proactively preparing employers for the emerging technologies around the corner.

A change in presidential administration will likely impact, but not completely hinder, progress towards the strategy.

One large topic of conversation was how a possible future Trump Administration could impact the implementation progress of the strategies. While the change in administration would not change the strategies or eliminate essential cybersecurity and technology offices in the federal government, Camille says that the Trump Administration could limit the resources dedicated to supporting the strategy, including personnel and budgets, that would slow activity towards meeting goals. Priorities around cybersecurity and technology could shift, such as issues of misinformation, authorities for CISA and the ONCD, and supply chain authorities.