Future trends in cybersecurity present challenges and opportunities for the United States government to strengthen its virtual guards.
Like a vast ocean, cyberspace does not belong to any one country nor is it bound to any one set of laws. Information flows through it in waves, bringing new cybersecurity threats at every turn. To skillfully navigate these waters, the U.S. must evolve its cybersecurity strategies to prepare for attacks from every flank in ever-changing, uncharted territory—especially in regards to information technology infrastructure.
Countries perceive cyberspace differently
While in the U.S. the internet is generally treated as a smorgasbord of ideas and images with little filter, many foreign states see it differently. Russia and China, for example, utilize cyberspace as a way of emphasizing national priorities and keeping dissenting social and political information at bay. Their goal is to preserve sovereignty, and cyberspace is a place where security means governance and control.
A lack of international consensus makes cybersecurity a massive challenge. The variance in controls and perspectives from nation-to-nation creates an unstable environment that is ripe for disruption and nefarious activity.
A leak in a vessel can sink a ship, and an open door for hackers can cripple a country’s infrastructure. With the increased reliance on dynamic IT systems to manage critical infrastructure, malicious actors see greater opportunity to destabilize a nation’s daily operations through cyberspace.
This new form of cyber warfare keeps growing in prevalence and testing the relationships between superpowers. The U.S. has taken important steps to protect infrastructure, but the Wild West of cyberspace continues to keep lawmakers on their toes.
1. Align cybersecurity research and development with national technology development
More than ever, IT is being used to manage transportation, energy, communication, manufacturing, and other infrastructures. As these technologies become more widely used, it becomes increasingly difficult to account for gaps in security at federal agencies. This means the development of cybersecurity technology needs to parallel the advancements in IT.
2. Create a national cybersecurity community
The cybersecurity challenges facing the United States are vast and complex. Addressing them will require a whole-of-nation approach with a combined effort from many experts to develop and apply the requisite cybersecurity capabilities in the Cybersecurity National Action Plan. As such, the 46th president should define the national cybersecurity R&D community, similar to those established for nuclear energy and aerospace technology after WWII.
Fortunately, the federal government took strong steps in 2015 and 2016 with the release of the Federal Government Cybersecurity R&D Strategic Plan, but challenges persist. The plan limits itself to the federal government and does not consider the R&D resources of experts in the industries and academic fields.
3. Define cybersecurity challenges
Once a national cybersecurity research and development community is established, it should immediately begin to tackle what the exact threats are to U.S. cybersecurity.
Though some challenges can be drawn from the 2016 Federal Government Cybersecurity Research and Development Strategic Plan, others should include:
- Identifying vulnerabilities introduced with smart infrastructures.
- Outlining needs of cybersecurity operators within the Department of Defense (DoD) and the intelligence community.
- Securing our financial system, as crypto-currencies and global trading become increasingly common.
The U.S. should also consider the need to do more to guard our electoral systems against foreign interference.
4. Enable cybersecurity R&D information sharing
Once security tools and programs are created, a way to quickly share them with the right people is necessary. Although an existing executive order already calls for stronger information sharing, efforts to build a national cybersecurity R&D information-sharing architecture should be formalized and accelerated.
Although more information sharing organizations are being established, a national architecture—with effective governance—for information sharing has yet to come to fruition.
5. Address privacy concerns
Privacy and security regularly collide in the U.S., as citizens expect both even though they often counteract each other. To safeguard the nation, while protecting the privacy of users, cybersecurity developers should adhere to the protections of the Fourth Amendment to the Constitution, which protects people against unlawful searches and seizures. We need to ensure that the search for vital intelligence doesn’t become fixed surveillance of U.S. citizens.
Evolving cyber threats require novel solutions
The current U.S. cybersecurity challenge is setting up a system to guard valuable IT information while protecting citizens’ rights and allowing the freedom to delve into the vast realm of cyberspace.