The Transformation of Federal Cybersecurity


The federal government's approach to cybersecurity strategy has changed from defensive to offensive.

From ransomware attacks on company devices to election interference by foreign nations, cyber-attacks are severe threats to governments, businesses, and people alike. The federal government has already addressed cybersecurity, with the responsibility shared and siloed across departments.

The Department of Defense covers various functional and geographical areas with its Cyber Command, partially in response to Russia hacking the Pentagon’s network. Beyond the DOD, the National Security Agency has its own cybersecurity resources and practices, as do the Department of Homeland Security and the FBI. At the state level, agency CIOs and those in statewide positions work in alliance with their federal counterparts. This disconnect and fragmentation are still causing problems today.

The change in cybersecurity came with the implementation of the John S. McCain 2019 National Defense Authorization Act (NDAA). This law outlines the DOD’s budget, expenditures, and policies, putting cyber-activities in focus. The act mentions “cyber” 349 times. The NDAA normalizes certain military cyber-activities: these actions do not require presidential approval or briefing, and authorization by the defense secretary is sufficient. This change accomplishes two broader objectives: driving government focus precisely on cybersecurity, and formalizing cybersecurity processes to solve fragmentation issues.

The federal government's approach to cybersecurity strategy has changed from defensive to offensive. Traditionally, cybersecurity was commissioned as a defensive command centered on defending the U.S. digital infrastructure from any cyber-attack. Increasingly, the cybersecurity strategy is shifting to become offensive. The legal authority from the 2019 NDAA has “greenlit” more offensive cybersecurity tactics as a standard element of modern warfare. The chief of the U.S. Cyber Command claims that the offensive tactics are used to support the DOD’s need to “defend forward.”

Offensive cybersecurity refers to planting cyber “weapons” deep within adversaries’ networks. The U.S. does not need to use cyber-weapons for the strategy to work. The mere presence of a cyber-defense shows adversaries that the U.S. is capable of inflicting damage. Offensive cybersecurity tactics act as deterrents, reminiscent of gunboat diplomacy or the mutually assured destruction scenarios contemplated in conventional nuclear war games.

The U.S. deploys offensive cybersecurity strategies with Russia. U.S. officials confirmed placing the equivalent of digital land mines into Russia’s electric power grid to serve as a warning and as a demonstration of Cyber Command’s power. Offensive cyber-attacks are conducted remotely, which shortens deployment time and costs less than conventional military infrastructure.

Experts suggest that nations can steel themselves against cyber-attacks by leveraging partnerships with private-sector companies offering top talent and global innovation. The Pentagon’s $10 billion Joint Enterprise Defense Infrastructure cloud procurement – down to its finalists Amazon Web Services and Microsoft – will help DOD modernize its infrastructure. It is designed so that warfighters at the network edge can quickly and securely access the information they need.

Ideally, these policy, strategy, and technology changes will create a more unified system. Rather than fragmentation exacerbating major threats, departments will have tactics and strategies ready to respond to any incident quickly. As the world enters the era of digitalization, the safety of the country depends on the government’s ability to defend in both the digital and the physical space. A safer, more expansive cybersecurity infrastructure accomplishes this, keeping the U.S. on the offense through a defend-forward strategy by mitigating threats from across the globe before they even begin to take shape.