The Biden administration is set to release a new national cybersecurity strategy that seeks to shift the blame from companies that get hacked to software manufacturers and device makers. The 35-page strategy asserts that software makers must be held liable when they fail to live up to the duty of care they owe consumers, businesses or critical infrastructure providers. President Joe Biden said in a statement that the strategy “takes on the systemic challenge that too much of the responsibility for cybersecurity has fallen on individual users and small organisations”.
Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, fired a broadside this week over such failings, including flawed code and poor practices, which she said make users susceptible to hacks. Such an ambitious effort comes despite the failure of the Biden administration to advance legislation in its first two years to rein in the power of the biggest tech companies including Google, Apple, Amazon.com and Meta Platforms.
READ ALSO:
Microsoft integrates upgraded Bing search engine into Windows 11
Kenya to Partner with Microsoft to Integrate Digital Technology into Education System
Kenya’s Women Enterprise Fund Embraces Digital Technology to Improve Access to Loans
A senior administration official, who spoke on condition of anonymity, conceded shifting liability for cybersecurity breaches to software companies would require legislative action and was part of a long-term process that could take as long as a decade. The official added that the administration did not expect to see a new law on the books within the next year.
The official said there was room for collaboration with the software industry rather than confrontation. In addition, the administration hopes that its plan will force companies to do better in securing its software to win customers in a competitive marketplace. The administration’s strategy also promises a stronger stance against ransomware.
