National Cybersecurity Initiative is Desperately Needed, According to Cyberspace Solarium Commission

July 20, 2020 — There are no shortage of news headlines warning of the dire results of the lack of a strong U.S. cybersecurity initiative.

A Twitter breach on Wednesday compromised the accounts of many U.S. public figures . Reports of Russian hackers targeting U.S. healthcare organizations conducting COVID-19 vaccine research are of further concern.

In this climate, it doesn’t take much to imagine the ways in which the upcoming U.S. election could be interfered with.

In a hearing on Friday, the Homeland Security Committee joined members of the Cyberspace Solarium Commission to discuss implementing strategies outlined in the commission’s Solarium Report, a national cyber defense strategy which consists of over 80 recommendations which could help implement an approach to deter cyber interference.

“The realities of 2020 make it evident we need a clear mission,” said Rep. Jim Langevin, D-R.I., stating that the players in the cybersecurity community lacked a leader and an understanding of their roles and responsibilities.

Senator Angus King, I-Maine, co-chair of the Cyberspace Solarium Commission, said the main questions the commission had to grapple with when creating the strategy were what the strategy should be and what the organizational structure should look like.

Part of the commission’s proposed strategy is implementing harsher consequences for actors behind cyberattacks.

“A policy that makes it clear that If we are attacked, we will respond, would provide a strong deterrent for cyber attackers,” King said.

“Our advisories currently don’t compute the cost of attacking us and that has to change,” he added.

Rep. John Katko, R-N.Y., said the nation’s top priority should be strengthening and clarifying the role and vastly increasing the funding of the Cybersecurity and Infrastructure Security Agency, the nation's current cyber risk advisor, established when President Donald Trump signed the Cybersecurity and Infrastructure Security Agency Act of 2018 into law.

Members of the commission requested that CISA be given additional resources and authorities needed to fulfill its role as the national risk manager.

Rep. Mike Gallagher, R-Wis., co-chair of the Solarium Commission, said it is important to elevate and empower existing organizations, rather than start from scratch.

A further problem that needs undertaking is the reorganization of cybersecurity initiatives, which members said are currently scattered across the government.

“We need to straighten out the organizational structure,” King said, asserting that “messy structure equals messy policy.”

King argued that the creation of a National Cyber Director position in the White House could resolve this organizational issue, and be further beneficial, by providing a single individual to hold accountable.

In order to promote national resilience, members of the commission recommended that Congress develop and maintain a continuity of economy planning process to turn to in times of cyber crisis.

“It’s important that we think through the unthinkable now, so we don’t have to think on the fly in the wake of a major attack,” Gallagher said.

Gallagher also recommended establishing a Bureau of Cyber Statistics, charged with collecting and processing data on cyber security.

The passage of the Coronavirus Aid, Relief, and Economic Security Act would also be a step in the right direction, as the act provides attention and funding to privacy and data security precautions.