Tomorrow’s cyber threats will likely eclipse yesterday’s. That’s why the National Security Strategy calls for decisive action to protect vital national functions and critical infrastructure—and it’s why the National Cybersecurity Strategy doubles down on disrupting and dismantling threat activities. Adversaries view the federal government, intelligence agencies, the military, and all critical infrastructure industries as one large target-rich environment—one cyber battlespace.
To prevail and outpace adversaries, the United States must now employ cyber offense and defense in a seamless manner. What’s needed is not just security and resilience, but also cyber superiority.
The time to act is now. Cyber conflict is being waged in the shadows—but the danger is clear enough. Digital cloak-and-dagger operations, fueled by rising geopolitical tensions, threaten to undermine trusted IT systems, connected devices, and operational technology (OT), potentially causing physical effects.
To gain the advantage, the United States, allies, partners, and the private sector must create unity of effort. This requires urgent progress on three fronts: fostering operational collaboration, focusing innovation, and integrating cyber offense and defense capabilities with other tools of national power to deter and counter threats.
Cybersecurity is national security. In the U.S., the White House, the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Homeland Security (DHS), the Defense Department (DOD), the National Security Agency (NSA), U.S. Cyber Command (CYBERCOM) the Defense Advanced Research Projects Agency (DARPA), the National Institute of Standards and Technology (NIST), Congress, and critical infrastructure owners and operators are just a few of the many stakeholders with vital roles to play.
Leaders in government and industry need insights on signs of progress as well as key obstacles—and they need actionable advice on what to do next to solve urgent national cyber challenges.