The White House’s new cybersecurity strategy may mean companies face additional expenses, but tech executives agree the requirements are necessary to reduce the pain of cyber-attacks.
The strategy urges companies to upgrade hardware and software and hire experts to implement better network defenses. Complaints about the cost of upgrading will eventually “go away” as the expenses become the “cost of doing business”, said Eric Noonan, CEO of cybersecurity firm CyberSheath. The White House’s new strategy, as well as its 2021 executive order, the Pentagon’s Cybersecurity Maturity Model Certification program, and the pending US Securities and Exchange Commission rule for publicly traded companies, are among the levers being used to enforce mandatory cybersecurity minimums. The national strategy aims to shift the burden of cybersecurity from individuals and small companies to larger entities and the federal government by incentivizing software companies toward a more secure development process.