53.2 F
Washington D.C.
Tuesday, November 12, 2024

Eight Recommendations for the Next Administration from U.S. Cyber Leaders

New report urges next administration to take action on numerous cyber fronts including making CISA stronger.

A bipartisan report released today urged the next Administration to do more to protect the nation’s digital infrastructure against a rapidly evolving and dangerous threat landscape. “Securing America’s Digital Future: A Bipartisan Cybersecurity Roadmap for the Next Administration” highlights the urgent need for coordinated action from both the public and private sectors, including regulatory reform, workforce development, deterrence strategies, resilience, and the role of emerging technologies.

The Homeland Security Today community was able to receive a sneak peek of the of this report at the CYBERFUTURE Summit on October 17th, from task force members Bob Kolasky, the former director of the National Risk Management Center; Matt Hayden, former Assistant Secretary of Cyber, Infrastructure, Risk and Resilience Policy; and Mike D’Ambrosio, former Assistant Director of the Office of Investigations at the Secret Service. The panel discussed the future effects of their recommended plan as well as the immediate changes and priorities that they believe must be addressed before implementing any new changes.

“We want to push the next administration to be robust and smart and learn lessons about the kind of continuity that is needed to take us where we need to be as a country,”  said Homeland Security Today Editorial Board member Kolasky during the panel.

Key recommendations from the report include:

Recommendation One: Unify the Regulatory Landscape

One of the primary recommendations of the report is to address the fragmented and outdated patchwork of laws, regulations, and guidelines that currently govern cybersecurity in the United States. The report notes that while various sectors have made progress in enhancing their cyber defenses, the lack of a unified regulatory framework has hindered efforts to develop a cohesive national strategy.

The task force recommends that the next administration conduct a comprehensive review of all cybersecurity-related statutes to identify gaps, inconsistencies, and outdated provisions to reduce confusion, improve compliance, and enhance overall cybersecurity practices.  The panel noted that a common set of cybersecurity standards that can be adapted to specific sectors while providing overarching guidance across industries is critical.

Recommendation Two: Strengthening Government Coordination

Cybersecurity is a shared responsibility and effective collaboration between all levels of government is essential.  The SolarWinds breach and the Colonial Pipeline attack are stark reminders of the importance of coordinated responses across jurisdictions.

The report recommends improving coordination between federal, state, local, tribal, and territorial (SLTT) entities by providing stronger support and resources to the Cybersecurity and Infrastructure Security Agency (CISA). CISA is positioned as the central coordinating body for federal cybersecurity efforts and its role would be better fulfilled with enhanced funding and authority to support its SLTT partners.

Additionally, the report advocates for a more structured and frequent exchange of information between the private sector and government agencies. It calls for the expansion of public-private partnerships to address vulnerabilities in critical infrastructure and ensure that both sectors can share threat intelligence quickly and effectively.

Recommendation Three: Cost Imposition and Deterrence

As the attacks and malign activities grow, the report recommends that the nation’s future Administration develop a robust deterrence strategy to counter cyber adversaries. The U.S. must signal to both state-sponsored actors and non-state entities — such as cybercriminal organizations — that they will be subject to significant costs for engaging in malicious cyber activities.

To achieve this, the report recommends leveraging all elements of national power, including diplomatic, economic, and military tools. It calls for more aggressive use of sanctions, indictments, and international diplomacy to deter cyber actors. The task force also stresses the need to modernize U.S. military cyber capabilities to deter and respond to cyberattacks, as well as to strengthen international coalitions to address cybersecurity on a global scale.

Recommendation Four: Resilience

The report highlights the critical importance of resilience, noting that while deterrence is important, it is equally vital for the U.S. to be prepared to absorb and recover from cyberattacks. This is particularly relevant for critical infrastructure sectors, such as energy, transportation, healthcare, and financial services, which are increasingly reliant on digital systems and networks.

The task force calls for the development of comprehensive cloud security standards to ensure the protection of data and services that are increasingly migrating to cloud-based platforms. It also recommends fortifying the security of operational technology systems, which control physical processes in industries such as manufacturing and energy.

The next administration is urged to prioritize investments in cybersecurity resilience, particularly in the face of growing threats from ransomware and other forms of cybercrime. It recommends that businesses and government agencies alike adopt a zero-trust security model, which assumes that all network traffic is potentially malicious and requires continuous authentication and monitoring.

Recommendation Five: Shaping the International Environment

Recognizing that cyber threats know no borders, stronger U.S. leadership is called for in shaping international cybersecurity norms and standards. The task force stresses the importance of promoting an open and secure internet while working with international partners to address the growing challenges posed by adversarial states like Russia and China.

It is recommended that the U.S. take a leadership role in multilateral organizations such as the United Nations, NATO, and the International Telecommunication Union to promote a shared vision of cybersecurity. It also calls for the U.S. to work closely with allies and partners to counter cyber-enabled espionage and intellectual property theft.

Recommendation Six: Workforce Development

The task force acknowledges the significant challenge posed by the current shortage of skilled cybersecurity professionals. To address this it recommends expanding existing education programs and scholarships to attract more students into the field of cybersecurity. It also calls for the creation of flexible employment arrangements that can allow private-sector experts to temporarily work in government roles without long-term commitments, ensuring that agencies have access to top talent.

The development of a national cybersecurity apprenticeship program is proposed that would allow students and early-career professionals to gain hands-on experience in cybersecurity roles while still in school. This, the task force argues, would help close the skills gap and build a pipeline of talent for both government and industry.

Recommendation Seven: Critical and Emerging Technologies

The report warns that emerging technologies such as artificial intelligence (AI), quantum computing, and 5G networks present new challenges for cybersecurity, and it calls for proactive measures to ensure that these technologies are developed and deployed securely.

In particular, the task force recommends that the U.S. government develop a quantum-safe cryptography transition plan to protect against future threats posed by quantum computers. It also emphasizes the need to secure the supply chain for critical technologies, particularly in light of growing concerns over foreign influence and interference.

Recommendation Seven: Critical and Emerging Technologies

The report encourages requires sustained investment and a long-term commitment. Recommendations include significantly increasing budget and resources for Sector Risk Management Agencies; enhancing NIST funding to support its critical work in developing cybersecurity standards, and conducting robust Continuity of the Economy planning.

Conclusion

“Securing America’s Digital Future: A Bipartisan Cybersecurity Roadmap for the Next Administration” provides a comprehensive set of recommendations designed to address the growing cyber threats facing the United States. By focusing on regulatory reform, national coordination, deterrence, resilience, workforce development, and the security of emerging technologies, the report offers a clear roadmap for the next administration to follow in order to safeguard the nation’s digital infrastructure.

The task force emphasizes that cybersecurity must remain a top priority for policymakers and that decisive action is needed to protect national security, economic competitiveness, and public trust in the digital age.

Matt Seldon
Matt Seldon
Matt Seldon, BSc., is an Editorial Associate with HSToday. He has over 20 years of experience in writing, social media, and analytics. Matt has a degree in Computer Studies from the University of South Wales in the UK. His diverse work experience includes positions at the Department for Work and Pensions and various responsibilities for a wide variety of companies in the private sector. He has been writing and editing various blogs and online content for promotional and educational purposes in his job roles since first entering the workplace. Matt has run various social media campaigns over his career on platforms including Google, Microsoft, Facebook and LinkedIn on topics surrounding promotion and education. His educational campaigns have been on topics including charity volunteering in the public sector and personal finance goals.

Related Articles

Latest Articles