Cybersecurity“Speed and Agility,” “Layered Cyber Deterrence” to Bolster American Cyber Defenses

Published 12 March 2020

The Cyberspace Solarium Commission (CSC) the other day released its report on how to best protect the nation’s critical infrastructure from a cyberattack of significant consequence. In the report, the CSC lays out a comprehensive strategy to restore deterrence in cyberspace and provides extensive policy and legislative actions to enable this strategy. The report lays out more than 75 recommendations to improve the cybersecurity of U.S. critical infrastructure and recommends a strategy of “layered cyber deterrence” that seeks to shape behavior in cyberspace, deny benefits to adversaries who would seek to exploit cyberspace to their advantage, and impose costs against those who would nonetheless choose to target America in and through cyberspace.

U.S. Senator Angus King (I-Maine) and Congressman Mike Gallagher (R-Wisconsin), co-chairs of the Cyberspace Solarium Commission (CSC), the other day announced the release of the CSC’s report on how to best protect the nation’s critical infrastructure from a cyberattack of significant consequence. In the report, the CSC lays out a comprehensive strategy to restore deterrence in cyberspace and provides extensive policy and legislative actions to enable this strategy. The report recommends a strategy of “layered cyber deterrence” that seeks to: shape behavior in cyberspace, deny benefits to adversaries who would seek to exploit cyberspace to their advantage, and impose costs against those who would nonetheless choose to target America in and through cyberspace.

The report details the extensive threats to our security, from nation states like China, Russia, Iran, and North Korea, but also from non-state actors like criminals and extremist groups. It highlights the unique challenges in defending the nation’s cyberspace, which is largely owned and operated by the private sector, and is intended to provide a path forward to building the robust public-private collaboration that is needed to establish effective cybersecurity. Unlike the previous model of many major policy reports, the Commission’s recommendations serve more as a roadmap for the U.S. to improve its posture in cyberspace. Major recommendations contained in the report include establishing a Senate-approved National Cyber Director to lead the federal government’s work in cyberspace, the development of a continuity of the economy plan to ensure the rapid recovery of national critical functions following a major disruptive cyber event, and the creation of House Permanent Select and Senate Select Committees on Cyber to provide integrated oversight of the federal government’s cybersecurity efforts.

In recent weeks, Commissioners have briefed Congressional leaders and members, and the staffs of relevant committees. In the coming months the Commissioners will work with Congress, the Administration, and private sector partners to implement the CSC’s recommendations. Congressional hearings are already on the calendar for the Commission to share its views with relevant Committees in both chambers.

The full report can be read here.