This IIF Staff Paper considers U.S. Cyber Policy as the priorities of the Biden administration begin to take shape, which includes overhauling U.S. cybersecurity strategy and leadership, bringing in veteran cybersecurity experts, pledging vast digital and cyber defense investments, and laying the groundwork for renewed cooperation with the private sector, and international allies. Together, these developments offer early insights into the new administration’s cybersecurity policy, with important implications for the financial sector.
This also comes at a time when the U.S. government, like many organizations around the world, is recovering from and assessing the full impact of several high-profile cyber incidents including the 2020 SolarWinds and 2021 Microsoft Exchange Server data breaches. These high-profile data breaches have increased scrutiny and oversight of supply chains, third-party relationships, and overall cyber and operational resilience both in the U.S. and internationally.
The paper also includes an overview of key priorities for addressing cyber risk in the financial services sector, including more effective information sharing, and incident reporting, alongside the wider usage of cyber risk insurance and addressing data localization barriers. The U.S. government is also urged to work closely with the private sector, key allies, and global standard-setting bodies, and help reduce cross-border fragmentation in policy, standards, and regulations.
Finally, the paper provides an overview of all the recent key U.S. government nominations and appointments, and their biographies, including the new Deputy National Security Advisor for Cyber and Emerging Technology at the National Security Council (NSC), newly created National Cyber Director (NCD) and Director of the Cybersecurity and Infrastructure Security Agency (CISA).