Fed’s Cyber R&D Plan: Putting People First in Cybersecurity

TLDR: The US government’s latest Federal Cybersecurity Research and Development (R&D) Strategic Plan emphasizes human-centered cybersecurity as a priority. The plan aims to incorporate people’s needs, motivations, behaviors, and abilities into the design, operation, and security of information technology systems. The plan also highlights three cybersecurity priority areas for the next four years: protect people and society, develop means to establish and manage trust, and strengthen cyber resilience. Notable updates to the 2023 plan include the addition of “human-centered cybersecurity” as a research objective and the focus on developing methods to establish and enforce trust in cyberspace. The plan also recognizes the importance of cyber resilience and the need for secure software design principles. The document highlights specific cyber topics called for by the White House and Congress, including protecting software and hardware supply chains, realizing secure and trustworthy artificial intelligence, and securing the clean energy future. The plan concludes by identifying the roles for the federal government, industry, and academia in cybersecurity R&D.