In the wake of the Colonial Pipeline cyberattack, America is reckoning with the real-world consequences these threats have on our economy, our infrastructure, and our national security.
Recently, the American Edge Project released a report discussing the drivers of risk and the incentives that can mitigate these cyber threats.
“There are two primary drivers of risk when it comes to defending against cyberattacks. One is the number of complex tools available and the number of adversaries – including non-nation states – who can access them. The second is the interconnectivity of systems, which has exponentially increased during the global pandemic as people and businesses all over the world increasingly turn to technology to support remote operations.”
The interconnectivity of systems exacerbates the risk these cyberattacks pose to American national security.
“…once an adversary is able to access a private cyber network, they are able to obtain more data and potentially cause more damage than ever before. Countries such as Russia, China, North Korea and Iran are eager to exploit such access to seize U.S. intellectual property, including sensitive military capabilities and future innovations.12 This can be used to improve their own military power or possibly identify vulnerabilities in American defense capabilities. In a worst-case scenario, an adversary nation could leverage existing access into U.S. networks to disrupt or even shut down American communications or critical infrastructure services.”
To support ongoing innovation, the U.S. should incentivize the private sector to maintain its cutting-edge cyber practices so that it can continue to innovate to protect the nation from future cyberattacks.
The report proposed multiple reforms to enhance cyber vigilance including, “codify a ‘Cyber State of Distress’ to ensure the government has adequate resources to respond to a cyber incident… having relevant U.S. agencies like Cybersecurity and Infrastructure Security Agency (CISA) share information and analysis with industry on threats of shared concern, including supply chain security and cyber threats… ‘the importance of strong encryption’ as a cornerstone of data security.” Such reforms could drastically alter the playing field in the wake of cyberattacks like that on the Colonial Pipeline.
With gas shortages across the United States, people have felt the cost of this disruptive cyberattack. Now more than ever, we must enhance our efforts to ensure future security, both in the public and private sectors. The stakes are simply too high.
The national security policy framework was published by the American Edge Project along with the following contributing authors:
- Admiral James Stavridis, USN (Ret.) former Supreme Allied Commander at the North Atlantic Treaty Organization (NATO), commander of U.S. Southern Command and American Edge Project National Security Advisory Board Co-Chair
- Frances Townsend, former White House Counterterrorism and Homeland Security Advisor and American Edge Project National Security Advisory Board Co-Chair
- Michael Allen, managing director, Beacon Global Strategies
- Jeremy Bash, founder and managing director, Beacon Global Strategies
- Kaitlyn Garman, senior associate, Beacon Global Strategies
- Jamil Jaffer, founder and executive director, National Security Institute
- Stephen Rodriguez, founder, One Defense