The United States is at an inflection point regarding the future of our cybersecurity.
To strengthen our defenses, the top US cyber authorities are offering a new vision and a new national-level strategy: a National Security Strategy that emphasizes the need to protect cyberspace.
Heading into the new year, the Office of the Director General of National Cyber will soon release a National Cybersecurity Strategy, laying the foundation for how our country will respond to cyberattacks. At the same time, cybersecurity is one of the few areas where we expect to see bipartisan efforts in the next Congress.
With this foundation laid, now is the time to think “big picture” about how to approach national cyber strategy.
To secure future cyber dominance, we must view the cyber threat landscape the same way our adversaries see it: as one battlefield. When adversaries devise digital conflict strategies, they do not consider the federal government, defense and intelligence agencies, public infrastructure, and private industry as separate targets. To the enemy, this target-rich environment is one connected battlefield.
To defend on a single battlefield, the United States needs a holistic approach to cybersecurity. No single organization can protect our country. As such, transforming a nation’s cyber capabilities will require a unified approach that fosters operational collaboration, best-in-class solutions, and synchronized capabilities.
Facilitate operational collaboration
On one battlefield, the public and private sectors will intertwine, and the digital and physical realms will converge. Case in point: Colonial Pipeline. What started as a ransomware attack on a privately owned oil pipeline system quickly escalated into a national concern, causing widespread disruption to pipeline operations, fueling and movement. This brought to light a harsh reality. Critical infrastructure is essential to public health and safety, the economy, and national security, but much of it is operated by private companies. As such, public-private partnerships and information sharing are critical to safeguarding infrastructure and ensuring collaboration between government and industry.
Effective information sharing is not always easy, but recent events show it can be done.
Following the Colonial Pipeline attack, a rapid review found that the Transportation Security Administration (TSA) has emergency powers to mandate minimum cybersecurity guidelines for the transportation sector. The TSA then convened transportation executives for classified briefings that explained the context behind the threat, and ultimately adjusted security guidelines based on this interaction.
This is a step in the right direction. However, it is important to note that in the future, private companies may say that government information sharing is too slow or too thin to be enforceable. To enable operational collaboration, governments need to share threat intelligence faster. Private companies, on the other hand, must trust that sharing information with governments will improve their overall cyber defenses rather than lead to penalties.
Focus innovation where it’s needed most
To secure a single battlespace, you need a complete view of your tools, including those used by your enemies and those at your disposal. Regardless of sector, it is critical that organizations pay close attention to adversarial tactics, techniques, and procedures to stay ahead of threats and harden critical systems. But that’s just the beginning. Governments and industry must also work together to mobilize the nation’s cyber technology and innovation base.
Ultimately, weaknesses in cyber defenses are not due to lack of investment or innovation. They are due to lack of collaboration to maximize return on investment.
As a nation, we pour billions of dollars’ worth of budget and private capital into cybersecurity. What is lacking, however, is clear direction on how to proactively focus the nation’s collective cyber defenses to ensure that the latest innovations are deployed where and when they are needed most.
The United States must ensure integration between those on the front lines of cyber defense and those on the leading edge of developing new tools and products. To achieve this, the federal government must make targeted investments in best-in-class innovations, ensure they are adequately protected, and deploy the right functions to support critical missions in a timely manner. This includes fostering viable incentive structures to help start-ups, accelerators, and incubators incorporate their programs directly into government research and development efforts.
Synchronize offense and defense
On one battlefield, defensive and offensive cyber operations must be viewed as two sides of the same coin. But all too often, defensive and offensive operational planning and execution functions are isolated, with missions, resources, and functions siloed. Defensively, this leaves us with a lack of cross-domain safeguards and defenders with limited knowledge of their adversaries’ offensive techniques. Offensively, the disconnect between mission developers, function providers, and defenders prevents offensive mission owners from benefiting from data on tactics, techniques, and procedures learned during cyber defense operations.
To outperform adversaries, Congress should establish clear mandates to oversee defense and offense cyber cooperation, and to ensure that the United States synchronizes national defense and offense operations with appropriate strategy, operational models, and governance. Nation-level wargaming can help pressure-test the resulting offensive and defensive collaborations. This supports achieving operational integration that unlocks the full efficiency and effectiveness of the United States’ national cyber capabilities.
We are at a crossroads in our nation’s cybersecurity efforts. Like our adversaries, we can view the threat landscape as one battlefield and choose to deploy a unified approach to defending it. We can choose to improve public-private partnerships, foster innovation that supports critical missions, and integrate offense and defense. But if we don’t, we choose to risk it all. The time to make that choice is now.
Brad Medley is Executive Vice President and leader of Booz Allen Hamilton’s National Cyber Business.