![\"\"](\"https:\/\/new.thepinetree.net\/wp-content\/uploads\/2020\/03\/Fullscreen-capture-3112020-105855-PM.jpg\")
<\/a><\/p>\nClick Above For Full Report<\/p>\n
The report details the extensive threats to our security, from nation states like China, Russia, Iran, and North Korea, but also from non-state actors like criminals and extremist groups. It highlights the unique challenges in defending the nation\u2019s cyberspace, which is largely owned and operated by the private sector, and is intended to provide a path forward to building the robust public-private collaboration that is needed to establish effective cybersecurity. Unlike the previous model of many major policy reports, the Commission’s recommendations serve more as a roadmap for the U.S. to improve its posture in cyberspace. Major recommendations contained in the report include establishing a Senate-approved National Cyber Director to lead the federal government\u2019s work in cyberspace, the development of a continuity of the economy plan to ensure the rapid recovery of national critical functions following a major disruptive cyber event, and the creation of House Permanent Select and Senate Select Committees on Cyber to provide integrated oversight of the federal government\u2019s cybersecurity efforts.<\/p>\n
In recent weeks, Commissioners have briefed Congressional leaders and members, and the staffs of relevant committees. In the coming months the Commissioners will work with Congress, the Administration, and private sector partners to implement the CSC\u2019s recommendations. Congressional hearings are already on the calendar for the Commission to share its views with relevant Committees in both chambers.<\/p>\n
The full report can be read HERE.<\/p>\n
\u201cThe reality is that we are dangerously insecure in cyber,” write King and Gallagher in the report\u2019s Chairmen\u2019s Letter. \u201cYour entire life\u2014your paycheck, your health care, your electricity\u2014increasingly relies on networks of digital devices that store, process, and analyze data. These networks are vulnerable, if not already compromised. Our country has lost hundreds of billions of dollars to nation-state-sponsored intellectual property theft using cyber espionage. A major cyberattack on the nation\u2019s critical infrastructure and economic system would create chaos and lasting damage exceeding that wreaked by fires in California, floods in the Midwest, and hurricanes in the Southeast.\u201d<\/p>\n
\u201cWe didn\u2019t solve everything in this report. We didn\u2019t even agree on everything,\u201d the Chairmen continue. \u201c\u2026Yet every single Commissioner was willing to make compromises in the course of our work because we were all united by the recognition that the status quo is not getting the job done. The status quo is inviting attacks on America every second of every day. The status quo is a slow surrender of American power and responsibility. We all want that to stop.\u201d<\/p>\n
The report includes more than 75 specific recommendations, organized into 6 pillars. These include:<\/p>\n
1. Reform the U.S. Government\u2019s Structure and Organization for Cyberspace. The U.S government\u2019s existing infrastructure is not up-to-date to meet the opportunities and challenges presented in cyberspace, with fractured responsibilities slowing our response in a domain that is constantly shifting. To that end, recommendations in this pillar include:<\/p>\n
\u00b7 Congress should create House Permanent Select and Senate Select Committees on Cyber to provide integrated oversight of the federal government\u2019s cybersecurity efforts.<\/p>\n
\u00b7 Congress should establish a Senate-confirmed National Cyber Director, and an accompanying office, within the Executive Office of the President. The position will serve as the President\u2019s principal advisor for cyber issues and lead national-level coordination of cybersecurity strategy and policy, both within government and with the private sector.<\/p>\n
\u00b7 Congress should strengthen the Cybersecurity and Infrastructure Security Agency (CISA) in its mission to ensure the national resilience of critical infrastructure, promote a more secure cyber ecosystem, and serve as the central coordinating element to support and integrate federal, state and local, and private-sector cybersecurity efforts.<\/p>\n
2. Strengthen Norms and Non-Military Tools. A system of norms, built through international engagement and cooperation, promotes responsible behavior and dissuades adversaries from using cyber operations to undermine our nation\u2019s interests. The United States can strengthen the current system of cyber norms by using non-military tools, including law enforcement actions, sanctions, diplomacy, and information sharing, to more effectively persuade states to conform to these norms and punish those who violate them. Recommendations include:<\/p>\n
\u00b7 Congress should create an Assistant Secretary of State in the Department of State, with a new Bureau of Cyberspace Security and Emerging Technologies, who will lead the U.S. government\u2019s effort to develop and reinforce international norms in cyberspace.<\/p>\n
3. Promote National Resilience. Resilience \u2013 the capacity to withstand and quickly recover from attacks \u2013 is key to denying adversaries the benefits of their operations and reducing confidence in their ability to achieve their strategic ends. We must improve our national resilience, in both the public and private sectors, and enhance our ability to accurately identify and mitigate risk across all elements of critical infrastructure. Recommendations include:<\/p>\n
\u00b7 Congress should direct the U.S. government to develop and maintain Continuity of the Economy planning in consultation with the private sector to ensure continuous operation of critical functions of the economy in the event of a significant cyber disruption.<\/p>\n
\u00b7 Congress should codify a Cyber State of Distress tied to a Cyber Response and Recovery Fund to ensure sufficient resources and capacity to respond rapidly to significant cyber incidents.<\/p>\n
\u00b7 The U.S. government should promote digital literacy, civics education, and public awareness to build societal resilience to foreign, malign cyber-enabled information operations.<\/p>\n
4. Reshape the Cyber Ecosystem Toward Greater Security. Raising the baseline level of security across the cyber ecosystem will, over time, reduce the frequency, scale, and scope of our adversaries\u2019 cyber operations. This pillar requires partnering with the private sector and adjusting incentives to produce positive outcomes. Recommendations include:<\/p>\n
\u00b7 Congress should establish and fund a National Cybersecurity Certification and Labeling Authority empowered to establish and manage a program on voluntary security certifications and labeling of information and communication technology products (an \u201cUnderwriters Laboratories\u201d for cybersecurity products).<\/p>\n
\u00b7 Congress should establish a Bureau of Cyber Statistics charged with collecting and providing statistical data on cybersecurity and the cyber ecosystem to inform policy making and government programs.<\/p>\n
\u00b7 Congress should pass a national data security and privacy protection law establishing and standardizing requirements for the collection, retention, and sharing of user data.<\/p>\n
5. Operationalize Cybersecurity Collaboration with the Private Sector. Unlike in other physical domains, in cyberspace the government is often not the primary actor. As a result, it must support and enable the private sector efforts to understand and confront threats. Recommendations include:<\/p>\n
\u00b7 Congress should codify the concept of \u201csystemically important critical infrastructure\u201d, whereby entities responsible for systems and assets that underpin national critical functions are ensured the full support of the U.S. government and shoulder additional security requirements befitting their unique status and importance.<\/p>\n
\u00b7 Congress should direct the executive branch to elevate and strengthen a public-private, integrated cyber center in CISA to support its critical infrastructure security and resilience mission and to conduct a one-year, comprehensive systems analysis review of federal cyber and cybersecurity centers.<\/p>\n
6. Preserve and Employ the Military Instrument of Power \u2013 And All Other Options to Deter Cyberattacks at Any Level. Cyberspace is already an arena of strategic competition, where states project power, protect their interests, and punish their adversaries. The U.S. must defend forward to limit malicious behavior by our adversaries below the level of armed attack, deter conflict, and, if necessary, prevail by employing the full spectrum of its capabilities. To achieve these goals, the U.S. must demonstrate its ability to impose costs and establish a clear declaratory policy that signals to rival states the costs and risks associated with attacking the U.S. in cyberspace. Recommendations include:<\/p>\n
\u00b7 Congress should direct the Department of Defense to conduct a force structure assessment of the Cyber Mission Force to ensure that the United States has the appropriate force structure and capabilities in light of growing mission requirements and increasing expectations, in both scope and scale.<\/p>\n
\u00b7 Congress should direct the Department of Defense to conduct a cybersecurity vulnerability assessment of all segments of the nuclear control systems and continually assess weapon systems\u2019 cyber vulnerabilities<\/p>\n
The Cyberspace Solarium Commission was established by statute in the 2019 National Defense Authorization Act (NDAA), and officially launched in April 2019. Over the last 11 months the Commissioners convened 29 times, and the Staff conducted more than 300 engagements, drawing upon the expertise of corporate leaders, federal, state and local officials, academics, and cybersecurity experts. The goal of this engagement was to understand America\u2019s posture in cyberspace and find opportunities to improve our national preparedness to defend ourselves against cyberattacks.<\/p>\n
In addition to Senator King and Representative Gallagher, the Commissioners included Senator Ben Sasse (R-Neb.); Congressman Jim Langevin (D-R.I.); Frank Cilluffo, Director of the McCrary Institute for Cyber and Critical Infrastructure Security at Auburn University; Tom Fanning, Chairman, President and CEO of the Southern Company; Chris Inglis, Professor of Cybersecurity Studies at U.S. Naval Academy and former Deputy Director of the National Security Agency; Patrick Murphy, Former Congressman and former Under Secretary of the Army; Samantha Ravich, Vice Chair of the President\u2019s Intelligence Advisory Board and former principal deputy National Security Advisor to Vice President Dick Cheney; Suzanne Spaulding, Senior Adviser for Homeland Security at the Center for Strategic and International Studies and former Under Secretary of National Protection and Programs Directorate at the Department of Homeland Security; Christopher Wray, Federal Bureau of Investigation; David Norquist, Department of Defense; David Pekoske, Department of Homeland Security; and Andrew Hallman, Office of the Director of National Intelligence.<\/p>\n
\u201cWarning lights have been blinking for a long time,\u201d said Senator Sasse. \u201cChina and Russia have attacked the United States in cyberspace, and Washington has been caught flat footed without a cyber doctrine. This report lays out a vision for defending the world\u2019s most advanced digital society through a strategy of layered cyber deterrence. There are a lot of recommendations in here \u2013 some of them are great and some of them need more work. This report is the beginning, not the end. Now, it\u2019s time to execute.\u201d<\/p>\n
\u201cThe cybersecurity threats facing our nation have never been more urgent, and they are poised only to grow,\u201d said Congressman Langevin, co-founder and co-chair of the Congressional Cybersecurity Caucus. \u201cIn my more than a decade working on cybersecurity issues, I have never felt more optimistic about our path forward than I do with the release of the Solarium report. We have a long way to go as a nation to close our aperture of vulnerability in cyberspace. But the strategy we lay out today will make us much more secure if we have the political will to execute it. I sincerely thank my fellow commissioners, particularly our steadfast co-chairs Senator King and Congressman Gallagher, for their immense dedication to this project, and I thank Speaker Pelosi for giving me this opportunity to serve.\u201d<\/p>\n
The CSC was established in the 2019 NDAA in the spirit of the original Project Solarium convened by President Dwight D. Eisenhower in 1953. The original Solarium was created to develop a consensus strategy to counter the Soviet Union as it was threatening the United States and its allies in the early days of the Cold War. This work contributed to the strategies that guided the United States through the Cold War ending with the fall of the Berlin Wall and the collapse of the Soviet Union. The newest iteration of the Solarium seeks to create a path forward that will guide the United States through a new age of warfare.<\/p>\n","protected":false},"excerpt":{"rendered":"
Washington, DC…U.S. Senator Angus King (I-Maine) and Congressman Mike Gallagher (R-Wis.), co-chairs of the Cyberspace Solarium Commission (CSC), today announced the release of the CSC\u2019s report on how to best protect the nation\u2019s critical infrastructure from a cyberattack of significant consequence. In today\u2019s report, the CSC lays out a comprehensive strategy to restore deterrence in […]<\/p>\n","protected":false},"author":1,"featured_media":97091,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_cbd_carousel_blocks":"[]","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[20,5,1],"tags":[],"class_list":["post-97089","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-featured","category-government","category-news","last_archivepost"],"jetpack_featured_media_url":"https:\/\/new.thepinetree.net\/wp-content\/uploads\/2020\/03\/Fullscreen-capture-3112020-105855-PM.jpg","jetpack_sharing_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/new.thepinetree.net\/index.php?rest_route=\/wp\/v2\/posts\/97089","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.thepinetree.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.thepinetree.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.thepinetree.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/new.thepinetree.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=97089"}],"version-history":[{"count":0,"href":"https:\/\/new.thepinetree.net\/index.php?rest_route=\/wp\/v2\/posts\/97089\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/new.thepinetree.net\/index.php?rest_route=\/wp\/v2\/media\/97091"}],"wp:attachment":[{"href":"https:\/\/new.thepinetree.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=97089"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.thepinetree.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=97089"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.thepinetree.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=97089"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}