The best defense is a good offense according to the new National Cyber Strategy, announced by the White House. The US is set to play offense more than ever in the security war being fought somewhere above our heads in the “cloud” and in the networks that connect us.
This four-pillared strategy, obtusely worded, is a product of the executive order signed last year, Cybersecurity of Federal Networks and Critical Infrastructure, which was meant to place a heavier hand on enhancing government understanding of expanding cybersecurity threats and the strategy required to improve the US system.
In the coming months, pay attention to the requisite public-private partnerships that are established (and large contracts signed) to strengthen communication between sectors, as well as increased funding for agency staffing and operations. Both will climb to heights unseen.
What the Public Knows So Far
In the short span of time since President Trump took office, the nation has faced numerous precedent-setting cybersecurity threats. In May 2017, the ‘WannaCry’ ransomware stopped a massive amount of global business and caused billions of dollars in damage. It infected hundreds of thousands of machines in 150 countries.
After that, ‘NotPetya’ malware struck and wiped data from banks, energy companies, and airport operations. The city of Atlanta was hit recently, too. In all these cases, the attacked systems ground to a halt when hit.
Four Ways Forward Says the President: The 4 Part Plan
"Protect the American People, the Homeland, and the American Way of Life."
- Secure federal networks and information.
- Safeguard critical infrastructure.
- Combat cybercrime.
- Improve incident reporting.
“Generate an Economy”
- Develop a bigger, better, faster digital economy, cyber-workforce.
- Boost the growth and innovation required to dominate that space.
- Create and sustain a larger cyber-economic engine.
“Peace through Strength and Deterrence”
- Counter-attack, disrupt, degrade, and deter threats to US interests.
- Enhance cyber stability through norms of responsible state behavior.
- Attribute unacceptable behavior in cyberspace.
- Preserve long-term openness, interoperability, security, and reliability of the internet.
- Support market growth for infrastructure and emerging technologies.
- Build cyber capacity internationally.
Denials Turn to Action
These plans were announced on the heels of President Trump's recent proclamation, through an executive order, that his office would step up the fight against election tampering - another form of cyber-crime in many cases. The White House will command and direct the execution of sanctions on foreign actors who meddle with U.S elections. The language in the order is also very broad and specifics are hard to come by.
After his recent disastrous denial at the Trump-Putin summit in Helsinki that Russia meddled in the 2016 elections, there is worry that his judgment may tilt toward favorable relations with foreign actors that threaten America’s cybersecurity. Congress tends to fall into that worried category and is fighting against the broad language by pushing through the Deter Act to tighten regulations and establish an airtight protocol for sanctioning foreign actors who meddle in elections.
So, the question now is, will we ever see more specific language from the president on both his election plans and the cybersecurity blueprint?
What We Need to Track
Watch the money. The campaign contributions from cybersecurity firms to candidates who over-support their endeavors and lucrative government contracts are essential to monitor. It gets complicated and sticky.
Also, keep an eye out for the money pouring into the 4th branch of government, the federal agencies that are grouped in with the cybersecurity expansion as it blooms and grows.