The United States National Cybersecurity Strategy, released on March 2, 2023, is poised to place significant responsibility for cybersecurity on federal contractors, technology companies, and critical infrastructure owners and operators. The Strategy articulates a series of objectives and recommended executive and legislative actions that, if implemented, would increase the cybersecurity responsibilities and requirements of these types of entities. For example, the Strategy proposes that legislation be developed to establish liability for software vendors that fail to take reasonable precautions to secure their software. The Strategy also outlines the need to use minimum cybersecurity requirements, as opposed to voluntary measures, in critical sectors to enhance national security and public safety. A new post on Covington’s Inside Privacy blog discusses the main pillars and objectives of the new National Cybersecurity Strategy.