he US government released its National Cyber Security Strategy on 28 February 2023, detailing mandatory regulation on critical infrastructure vendors and endorsing a more aggressive ‘hack-back’ approach to dealing with foreign adversaries and ransomware actors. As previously reported, the White House plans to use regulation to “level the playing field” and shift liability to organizations that fail to make reasonable precautions to secure their software. “[While] voluntary approaches to critic
