Opinion – The White House is making a significant effort toward organizing the country’s cyber house. a newly released National Cyber Strategy Represents a major step in the right direction for U.S. national security policy – advocating aggressive defense of our national infrastructure.
While the strategy includes important goals for the administration — streamlining regulation, developing the cyber workforce, protecting federal networks, and partnering with the private sector — how the administration moves forward will determine whether it achieves the goals outlined in the strategy. Across the six pillars of the strategy, the administration needs to clarify its arguments, refine its implementation plans, and improve its articulation of the challenge we face.
Protecting U.S. national interests in cyberspace requires understanding the threats to our national security. Despite prioritizing efforts to shape adversary behavior in the first of the strategy’s six pillars, it falls short in identifying America’s most aggressive adversaries – Russia and the United States. China. Both countries have repeatedly targeted American critical infrastructure without meaningful response from the United States. It fails to mention China operations Preparation national critical infrastructure or battlefield conditions on US soil through its Volt Typhoon campaign against Russia aimed at of networking equipment. Shaping adversary behavior in cyberspace requires identifying who the adversary is.
Pillar One provides a strong, effective rationale for developing the offensive cyber capabilities and operations that are critical to achieving success in today’s war. The White House showed a willingness to use these cyber capabilities in both Venezuela And iran. There is debate over whether private companies should be allowed more agency to “push back” against attackers, and the administration is reportedly Considering An expanded role for the private sector. Although the government should work with the private sector to develop these offensive capabilities, it should be limited to equipment manufacturing and network defense rather than actual conduct of offensive operations. If private companies conduct offensive cyber operations, the government risks losing control over an escalation of the conflict.
Pillar two gives priority to well-established rules. Data and cybersecurity regulations help ensure that companies have safe and secure practices. However, the proliferation of cyber attacks has led to an explosion of cyber-related regulations. The federal government should work with the private sector to ensure that these regulations are comprehensive without placing unnecessary burdens on the private sector.
Pillar three focuses on the critical goal of securing the federal network and modernizing procurement. Mentioned wisely in the strategy Post-quantum cryptography, zero-trust architectureAnd cloud infection. Taking this emerging technology into account, the government must refine procurement processes to enable continuous improvement of the federal network.
Pillar four calls for building stronger private-public collaboration to protect critical infrastructure. It’s a noble goal, but much of former Secretary of Homeland Security Kristi Noem’s actions over the past year contradict this goal. He decimated the Cyber Defense Agency’s workforce – reducing it by nearly 40 percent – and disrupted cybersecurity grant programs, Weak Agency efforts to support state and local governments and public utilities. He canceled the Critical Infrastructure Partnership Advisory Council, effectively eliminating the federal government’s authority to collectively engage private companies to advance cyber defense.
The Trump Administration can reverse this destructive trend and put the United States on the right track for cyber defense of critical infrastructure. Noem’s replacement should begin with the overhaul and resourcing of the Cybersecurity and Infrastructure Security Agency (CISA).
Pillar Five prioritizes U.S. superiority in critical and emerging technologies – an essential priority to ensure U.S. success in cyberspace. Executing this strategy requires investment in research centers that are the driving force for continuous improvement and development of critical and emerging technologies.
A key element of the new cyber strategy is contained in Pillar Six – its continued commitment to building America’s capacity to develop talent in cyberspace. Without a strong cyber workforce in government, military, and the private sector, the nation risks falling behind. The administration can validate this pillar with continued support of programs such as CyberCorps: Scholarships for Service that provide scholarships for cyber-related degrees in exchange for government service after graduation.
The program has faced problems due to the administration’s reduction in staff numbers and hiring freeze Challenges Along with maintaining funding and keeping participants over the past year. The administration should support and expand funding for the program and prioritize recruitment for participants. President Donald Trump should also establish a new military service for cyber, a US Cyber Force, which would create a better productive A military cyber workforce sufficient in size and skill to meet America’s strategic objectives.
It would be wise for Trump to execute the plan through additional executive orders (EOs) to implement the stated goals – orders signed by the president task federal agencies with varying deliverables while White House strategic documents lack enforcement power. These EOs should prioritize support for CISA, cyber workforce development, and building an organizational structure to take offensive action against U.S. adversaries. Understanding the “ends” of strategy and equipping them with the “ways” and “means” through EO will continue US superiority in cyberspace.
The six “pillars of action” in the new strategy have the potential to guide the United States toward success in cyberspace. That success will depend on whether the administration takes the necessary actions to support good rhetoric.
Cipher Brief is committed to publishing multiple perspectives on national security issues presented by deeply experienced national security professionals. The opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Do you have any perspective to share based on your experience in the national security arena? Send it to editor@thecipherbrief.com for consideration for publication.
Read more expert-driven national security insights, perspectives, and analysis at The Cipher Brief
