N ATIONAL C YBERSECURITY S TRATEGY
exposure. We must take steps to mitigate the most urgent of these pervasive concerns such as
Border Gateway Protocol vulnerabilities, unencrypted Domain Name System requests, and the slow
adoption of IPv6. Such a “clean-up” effort to reduce systemic risk requires identification of the
most pressing of these security challenges, further development of effective security measures, and
close collaboration between public and private sectors to reduce our risk exposure without
disrupting the platforms and services built atop this infrastructure. The Federal Government will
lead by ensuring that its networks have implemented these and other security measures while
partnering with stakeholders to develop and drive adoption of solutions that will improve the
security of the Internet ecosystem and support research to understand and address reasons for slow
adoption.
Preserving and extending the open, free, global, interoperable, reliable, and secure Internet requires
sustained engagement in standards development processes to instill our values and ensure that
technical standards produce technologies that are more secure and resilient. As autocratic regimes
seek to change the Internet and its multistakeholder foundation to enable government control,
censorship, and surveillance, the United States and its foreign and private sector partners will
implement a multi-pronged strategy to preserve technical excellence, protect our security, drive
economic competitiveness, promote digital trade, and ensure that the “rules of the road” for
technology standards favor principles of transparency, openness, consensus, relevance, and
coherence. By supporting non-governmental Standards Developing Organizations (SDOs), the
United States will partner with industry leaders, international allies, academic institutions,
professional societies, consumer groups, and nonprofits, to secure emerging technologies, enable
interoperability, foster global market competition, and protect our national security and economic
advantage.
STRATEGIC OBJECTIVE 4.2: REINVIGORATE FEDERAL
RESEARCH AND DEVELOPMENT FOR CYBERSECURITY
Through Federal efforts to prioritize research and development in defensible and resilient
architectures and reduce vulnerabilities in underlying technologies, we can ensure that the
technologies of tomorrow are more secure than those of today.
As part of the update to the Federal Cybersecurity Research and Development Strategic Plan, the
Federal Government will identify, prioritize, and catalyze the research, development, and
demonstration (RD&D) community to proactively prevent and mitigate cybersecurity risks in
existing and next generation technologies. Departments and agencies will direct RD&D projects to
advance cybersecurity and resilience in areas such as artificial intelligence, operational technologies
and industrial control systems, cloud infrastructure, telecommunications, encryption, system
transparency, and data analytics used in critical infrastructure. These efforts will be supported by the
Federal RD&D enterprise, including the NSF, DOE National Laboratories, and other Federally
funded research and development centers (FFRDCs), and through partnerships with academia,
manufacturers, technology companies, and owners and operators.