Following World War II and the onset of the Cold War with the Soviet Union, the US undertook a series of measures to strengthen the resilience of the nation. These included a significant expansion of government support for scientific research in universities and R&D labs, leading to product innovations from the private sector and better weapons from the defense industry which contributed to making the US the most prosperous and secure nation in the world.
In the 1950s the government enacted the National Interstate and Defense Highways Act, which led to the construction of the Interstate Highway System. The Act had a dual purpose: facilitating the economic growth of the country as well as supporting the country’s defense during a conventional or nuclear war should it be necessary.
And, last but far from least, in the late 1960s the Department of Defense launched ARPANET, the digital infrastructure that eventually became the Internet. ARPANET was designed as a flexible digital network that would enable computers to continue to communicate with individuals and with each other following a military attack.
Fortunately, we never had to test the Internet’s ability to keep the US going following an attack or invasion. But who would have thought that, 50 years after the launch of ARPANET, it would be a global pandemic that has been testing the Internet’s ability to fulfill its original objective of keeping nations and economies going during arguably the biggest shock the world has experienced since WWII?
The Internet is a general purpose data network that supports a remarkable variety of applications. Being general purpose has enabled the Internet to keep growing and adapting to widely different applications and become one of the most prolific innovation platforms, if not the most prolific, the world has ever seen. A major reason for its ability to support such a rich diversity of applications is that the Internet’s foundation, its TCP/IP layer, has stuck to its basic data-transport mission, i.e., moving bits around. Just about everything else, including security, is the responsibility of the applications running on the Internet. The design decisions that shaped the Internet didn’t optimize for secure, trustworthy operations. There’s no one overall owner responsible for security, which makes security significantly harder to achieve and the biggest challenge that the Internet has faced since its explosive growth in the 1990s.
Internet threats have been increasing right alongside the increasing digitalization of the economy and society. Large-scale fraud, data breaches, and identity thefts have become far more common. As we move from a world of physical interactions and paper documents to a world primarily governed by digital data and transactions, our existing methods for protecting identities and data have proved quite inadequate. Companies are finding that cyber attacks are costly to prevent and recover from.
A recent McKinsey survey found that the pandemic had accelerated the overall adoption of digital technologies and online applications by three to seven years in just a few months. Most of the changes we were forced to make in record time have worked remarkably well, such as work from home, virtual meetings and telemedicine, with the notable exception of online learning, especially for younger children. But, not surprisingly, this accelerated digitalization has been accompanied by an increasing volume of cyberattacks against individuals, businesses, and government, some of them quite serious.
International cyberthreats have significantly escalated with a growing number of high profile attacks by criminal groups and adversarial governments. In early June, FBI Director Christopher Wray compared the danger of ransomware attacks to the 9/11 terror threats. When Biden and Putin met in Geneva later that month, the control of cyberattacks was at the top of the agenda, a spot previously occupied by the control of nuclear weapons. A recent NY Times editorial urged Biden to take a stronger stand against Russia and other nations that encourage or tolerate cyber attacks.
CISA, the Cybersecurity & Infrastructure Security Agency, has the lead for the Nation in defending against cyber threats and building more secure and resilient infrastructures. “The threats we face - digital and physical, man-made, technological, and natural - are more complex, and the threat actors more diverse, than at any point in our history,” notes its website. “CISA is at the heart of mobilizing a collective defense as we lead the Nation’s efforts to understand and manage risk to our critical infrastructure.”
On May 12, President Biden issued an Executive Order to Improve the Nation’s Cybersecurity, a welcome and very important step. The President’s Executive Order noted that a number of contractual terms and restrictions limit the sharing of threat and incident information among government agencies and private sector companies. “Removing these contractual barriers and increasing the sharing of information about such threats, incidents, and risks are necessary steps to accelerating incident deterrence, prevention, and response efforts and to enabling more effective defense of agencies’ systems and of information collected, processed, and maintained by or for the Federal Government,” said the Executive Order.
The September 11 attacks led to the creation of the Office of the Director of National Intelligence (ODNI) precisely to increase the sharing of domestic, foreign, and military intelligence across 18 federal organizations. Similarly, 9/11 also led to the establishment of the Department of Homeland Security (DHS), which combined 22 different federal agencies into a unified Cabinet agency to better coordinate anti-terrorism, border security, immigration and customs, disaster prevention and management, and cybersecurity.
The digital economy was just emerging 20 years ago, but the situation is very different today. In the intervening years, the numbers of Internet users and online applications have increased by orders of magnitude, as have the volume and variety of serious cybersecurity incidents across the public and private sectors. To better address this increase in cyber threats, CISA launched a new Joint Cyber Defense Collaborative (JCDC) on August 5 “to integrate unique cyber capabilities across multiple federal agencies, many state and local governments, and countless private sector entities to achieve shared objectives.”
The JCDC announcement lists a number of objectives, including:
- Comprehensive cyber defense plans to address risks and facilitate coordinated action;
- Sharing insights to shape joint understanding of challenges and opportunities for cyber defense;
- Coordinated defensive cyber operations to prevent and reduce impacts of cyber intrusions;
- Integrated cyber defense capabilities to protect the nation’s critical infrastructures;
- Flexibility in planning and collaboration to meet the cyber defense needs of the public and private sectors; and
- Joint exercises to improve cyber defense operations.
The announcement explicitly calls for joint cyber planning with key Federal agencies including DHS, the FBI, NSA, ODNI, and the Department of Justice, as well as with state and local governments and with the owners and operators of critical infrastructures, like financial services, food and agriculture, energy, and healthcare and public health. But, given the widespread use of IT across the private sector and the complexity of cybersecurity technologies, the announcement explicitly states that JCDC “will engage industry and academia partners to leverage unique insights, capabilities, and resources to support JCDC cyber defense planning efforts, including ICT providers and representatives from across the cyber ecosystem.”
At this early stage, it’s hard to predict the role that JCDC will play in strengthening the Nation’s cybersecurity. In my experience, close cooperation between government, business, and academic and research communities is essential to make progress in highly complex, multifaceted, consequential initiatives like cybersecurity. We all should hope that JCDC succeeds and help it do so. As CISA Director Jen Easterly said in the announcement:
“The JCDC presents an exciting and important opportunity for this agency and our partners – the creation of a unique planning capability to be proactive versus reactive in our collective approach to dealing with the most serious cyber threats to our nation. The industry partners that have agreed to work side-by-side with CISA and our interagency teammates share the same commitment to defending our country’s national critical functions from cyber intrusions, and the imagination to spark new solutions. With these extraordinarily capable partners, our initial focus will be on efforts to combat ransomware and developing a planning framework to coordinate incidents affecting cloud service providers.”