Notable government cybersecurity initiatives of 2021

In recent years, governments throughout the world have increasingly prioritized cyber security. Initiatives have been launched to address cybersecurity issues that pose a threat to the safety of individuals and businesses.

As Forrester’s Steve Turner says, “government-led cybersecurity programs are important to tackling cybersecurity challenges such as destructive assaults, huge data breaches and strikes on vital infrastructure”.

There are legislative levers that may be used, ways to take offensive actions against nation-state adversaries, and most importantly, investigations of significant cyber incidents along with critical information sharing during or after those incidents. You can get your own cyber security certifications online very easily. Enroll in cyber security analyst certification courses to get started.

The following are some of the most noteworthy cybersecurity measures that governments throughout the world will launch in 2021:

Cybersecurity Maturity Model Certification is published by the US Department of Defense.

It was announced in January by the US Department of Defense that the Cybersecurity Maturity Model Certification (CMMC) will be implemented across the Defense Industrial Base (DIB), which comprises more than 300,000 firms in the supply chain. From fundamental cyber hygiene to advanced cyber hygiene, the Center for Cyber-Maturity Management (CMMC) examines and integrates a variety of cybersecurity standards and best practices.

For a certain CMMC level, the associated controls and procedures will minimize risk against a specific set of cyber risks when applied, according to the Office of Defense Acquisition and Sustainment’s (ODAS) website. To current regulations (DFARS 252.204-7012), the CMMC initiative adds a verification component with regard to cybersecurity standards. As part of the CMMC, approved and recognized third parties perform assessments and issue CMMC certifications to DIB firms at the appropriate level, ensuring that the CMMC is cost-effective and reasonable for all organizations.

When it comes to government cybersecurity initiatives in 2021, the CMMC is arguably the most significant one according to Tom Brennan, CIO of Mandelbaum Salsburg P.C. This specific control has failed horribly for a long time, he says. Government contractors that fail to comply with the CMMC’s security standards would lose their contracts, he adds, which is why it’s so vital to have an independent security evaluation.

A new DoD contract requires CMMC level 1, 2, 3, 4, or 5 compliance (depending on the level of maturity needed for the project) before a business may take on a new contract. Many audit companies and service providers are realizing that the CMMC is a cash cow, Brennan adds.

Hacker Academy opened in Spain as the Spanish government pledges €450 million to the cybersecurity industry

To improve the cybersecurity industry in Spanish, the Spanish government will invest more than €450 million over a three-year period, according to Carme Artigas, the country’s state secretary for digitalization and artificial intelligence (AI). A Hacker Academy for Spanish citizens aged 14 and above has also been launched by Artigas as a way to teach people and recruit new talent. Participants compete in cybersecurity tasks between May 3 and June 25.

National Cybersecurity Institute (INCIBE) will be in charge of overseeing a new strategic plan for cybersecurity spending, which will focus on three key pillars: boosting the business ecosystem of the sector and recruiting talent; strengthening cybersecurity for individuals, SME’s, and professionals; and consolidating Spain as an international cybersecurity center.

Security executive order announced by the US government

According to an executive order issued by the Biden administration, the nation’s cybersecurity would be improved and federal government networks will be protected. As well as a ransomware assault on Colonial Pipeline, SolarWinds and Microsoft was recently targeted for supply chain hacks.

There are a number of suggestions in the executive order to improve cybersecurity inside government agencies, including:

Government and private sector information sharing on threats should be made easier by removing barriers

The federal government should modernize and establish tougher cybersecurity requirements.

Improving the security of the software supply chain.

Create a cybersecurity review board

Improving cybersecurity incident detection, investigation, and remediation capabilities.

Australian government announces Critical Infrastructure Uplift Program

According to the Australian government’s “Critical Infrastructure Uplift Program (CI-UP)”, the program’s goal is to identify critical infrastructure vulnerabilities and fix them, as well as to help providers improve their cybersecurity maturity by evaluating their current security programs and implementing recommended risk mitigation strategies. It is available to critical infrastructure entities that are ACSC partners and is intended to:

Use a combination of the Cyber Security Capability and Maturity Model (C2M2), and the Essential 8 maturity models, to assess the cybersecurity readiness of vital infrastructure and systems of national significance.

Identify and implement priority vulnerability and risk reduction methods

Facilitate implementation of risk reduction methods by partners

The American Cybersecurity Literacy Act has been proposed by US politicians.

House legislators from both parties proposed the American Cybersecurity Literacy Act in June, a new bill designed to increase cybersecurity awareness and data security understanding among internet users in the United States. House Energy and Commerce Committee is now reviewing the act, which states that the United States has national security and economic interest in fostering cybersecurity awareness.

The government of France establishes a cyberattack alert system

France established a new warning system for small and medium-sized enterprises in July to assist them in the case of cyberattacks and advise them of the steps they should take in reaction to events. Secretary of State for Digital Transition and Electronic Communications (Secretary Cédric O) and other senior authorities introduced the system.

Britain’s Ministry of Defense has completed its first bug bounty program

According to the UK Ministry of Defence, its first bug bounty program was completed in August. For a 30-day challenge in collaboration with HackerOne, it asked ethical hackers to examine and uncover vulnerabilities in its digital assets that needed to be fixed, giving them direct access to its internal systems. A new cyber plan (announced in March) by the UK government aims to improve the country’s cyber strength in an increasingly digital environment.

In Italy, a new national cybersecurity agency has been established

This is part of an overall strategy to develop an integrated, secure cloud infrastructure for the country, which was authorized by the Italian parliament in August. The Agenzia per la Cybersicurezza Nazionale (ACN), which was first announced in June, would initially have 300 personnel, with a goal of reaching 1,000 by 2027, according to its website.

Wrapping up So these were the marvelous initiatives taken by several governments around the globe to take care of the growing cyber security threats. Enroll in cyber security training online and hone your skills in cybersecurity. Having a cyber security training certification will not only help you understand the field better but will also give you an edge in the job markets

By Zarnish Khan