Unpacking the National Cyber Director’s Posture Report

By Frank Cilluffo

Frank J. Cilluffo is director of Auburn University's McCrary Institute for Cyber and Critical Infrastructure Security and served as a commissioner on the U.S. Cyberspace Solarium Commission and previously served as a Special Assistant to President Bush for Homeland Security. He is a principal member of The Cyber Initiatives Group.

OPINION / CYBER INITIATIVES GROUP — The 2024 Report on the Cybersecurity Posture of the United States, released by the Office of the National Cyber Director (ONCD), represents a groundbreaking effort to assess the nation’s cyber readiness across various sectors.

This inaugural report provides a useful benchmark for evaluating the current state of U.S. cybersecurity. It lays the foundation for year-over-year comparisons, enabling policymakers to empirically track progress and identify areas requiring further attention. This effort will allow administrations to better prioritize U.S. cyber efforts and Congress to provide better oversight and resourcing for this crucial area. This marks the first time the government has produced a comprehensive cyber assessment, and its significance cannot be overstated.

The report highlights the cyber threats facing the United States, emphasizing the activities of nation-states such as Russia, China, Iran, and North Korea. As noted, geopolitical conflicts are increasingly spilling into cyberspace, with China and other adversaries actively prepositioning themselves within U.S. infrastructure to gain strategic advantages in the event of a significant geopolitical conflict involving the U.S. It delves into malicious actors and key trends, including supply chain vulnerabilities, cyber conflicts, critical infrastructure risks, and geopolitical factors. The report’s forward-looking approach provides an empirical basis for assessing cyber readiness while offering a valuable tool for informing budgetary decisions.

The report pushes us to move beyond simply reacting to cyber threats and sets the stage to adopt a more responsive, tailored approach. We must develop effective cyber deterrence, which requires customized playbooks for different adversaries, as the tactics that may work against nation-states like China will likely differ from those needed to counter North Korean actors, Russian actors, or ransomware gangs. A one-size-fits-all strategy is inadequate.




For instance, countering the ransomware threat demands a multi-pronged approach that leverages and operationalizes diplomatic, financial, intelligence, law enforcement, and private-sector partnerships. As highlighted, strides have been made to disrupt ransomware infrastructure and financially impede cybercriminal operations through coordinated takedown efforts. However, we need to scale these efforts and impose costs on safe havens that allow these groups to operate with impunity.

Sophisticated nation-state actors like China pose an even greater challenge, pre-positioning within U.S. critical infrastructure systems to hold them at risk during potential geopolitical conflicts. Addressing low-hanging-fruit vulnerabilities like the Border Gateway Protocol (BGP) exploit is also crucial, as even seemingly minor flaws can enable adversaries to conduct widespread attacks if left unaddressed. Deterring this type of malicious cyber activity from nation-states requires a multifaceted approach, potentially combining cyber operations with economic, political, and even military elements of national power.

As noted, supply chain exploitation risks are growing. As global supply chains become increasingly complex and interconnected, adversaries exploit these networks’ vulnerabilities to access sensitive information, disrupt operations, and extort businesses and governments. However, we don’t yet have full visibility into our supply chains to evaluate these threats’ potential second- and third-order effects. The report stresses the need for Sector Risk Management Agencies (SRMAs) to enhance their capabilities to identify and manage these systemic supply chain risks that could have cascading impacts across sectors. This level of visibility is necessary to avoid adversary attempts to compromise critical systems and services through supply chain attacks.




The report’s exploration of emerging technology risks, such as those posed by artificial intelligence (AI) and quantum computing, is particularly insightful as these rapidly evolving fields likely will reshape the cybersecurity landscape quickly. AI, for example, could be leveraged by adversaries to automate and scale their attacks, making it even more challenging to defend against them. At the same time, AI could enhance cybersecurity by enabling faster threat detection, more accurate risk assessment, and more effective incident response. Similarly, quantum computing has the potential to render many current encryption methods obsolete, necessitating a proactive approach to developing and deploying quantum-resistant cryptography.

Future iterations of the Posture Report could benefit from a more critical evaluation of lagging agencies and sectors, such as the water and agriculture sectors. This will help make visible specific challenges and barriers to progress, enabling policymakers and stakeholders to develop targeted interventions and support mechanisms to accelerate improvement. Additionally, the report could have emphasized the need to address safe havens for cyber actors, particularly in Russia and former Soviet states where the majority of ransomware activity originates. These regions have long been a hotbed of cybercriminal activity. The U.S. has been reactive rather than proactive in addressing these bad actors. We must determine how to impose costs and consequences on these actors. It may be time to explore additional diplomatic tools and national security strategies, such as potentially designating “state sponsors” of cybercrime.

The 2024 Report on the Cybersecurity Posture of the United States marks a milestone in bringing a more empirical and data-driven approach to the nation’s cyber readiness. The report lays the groundwork to better allocate limited cyber resources moving forward by providing a comprehensive overview of the current threat landscape, ongoing efforts to strengthen cybersecurity, and emerging risks. It is a valuable resource for policymakers, industry leaders, and cybersecurity professionals, enabling them to make informed decisions based on a clear understanding of the challenges and opportunities.

Ultimately, the success of our nation’s cybersecurity efforts will depend on our ability to operationalize a coordinated approach, working together to implement the best practices and relentlessly focus on securing the digital infrastructure and protecting the American people. With the 2024 Posture Report as our guide, we have a roadmap to bring a measure of science to the art of cybersecurity policymaking and transition from reacting to cyber threats to proactively shaping a more defensible digital ecosystem.


5/8/24 headline updated
