As cyberattacks become ever-increasing, one thing is clear: the United States needs to strengthen its cybersecurity efforts. Federal government and private sector cyber experts sat down to discuss the future of the cyber conflict and how to prevent the next big cyberattack.
During the Great Power Competition event, hosted by the University of South Florida College of Arts & Sciences, the Near East South Asia Center for Strategic Studies, and the Florida Center for Cybersecurity, experts agreed private and public sector collaboration and strengthened supply chains will be key in preventing cyberattacks.
“The single biggest problem we face is there is no air traffic control for cyber, you can’t see it,” said General Keith Alexander, co-CEO and president of IronNet Cybersecurity. “There’s so much going on that you have to bring this together and create that picture at network speed, and share it between the public and private sector so that we can respond.”
Gen. Alexander said if we could find a way to make visible enemy attacks on our infrastructure, it would give the United States time to react. Lt. Gen. Michael Groen, the director of the Department of Defense’s (DoD) Joint Artificial Intelligence Center (JAIC) agreed with Gen. Alexander that a trusted ecosystem is key to preventing cyberattacks.
“In air traffic control you have a trusted ecosystem,” Gen. Groen said. “This idea of a trusted ecosystem that protects you by making your data secure, making your environment secure, yet making it available to the people that need it for machine speed decision making – how do we do that? That’s the hard part. If it was one thing for Christmas: we need a Manhattan Project for a trusted ecosystem.”
Chris Inglis, President Biden’s nominee for the first-ever national cyber director, agreed with Gens. Alexander and Groen, but wanted to take a step back to discuss the root of the United States’ cyber problems, which he believes is “our badly designed supply chains.”
“Supply chains are flexible, they’re agile, they’re not the same for every party that’s downstream, but what you need to get away from is that we need to defend our patch all by ourselves towards where you have some greater degree of integration and collaboration,” Inglis said.
“Clearly, you need to strengthen these supply chains, better hardware, better software, better software development environments, we need to actually defend it,” he added. “But back to my point one, which is do that as a collaboration, not as a series of these exquisite divisions of effort, which are actually in agreement to not collaborate.”
When it comes to cyber deterrence, Inglis said the United States will never be able to achieve complete cyber deterrence. However, he stressed that he believes the United States can align actions and consequences in cyberspace to “affect the decision calculus” of both adversaries and allies.
“The goal is not complete, perfect security – that’s impossible in cyberspace,” Inglis added. “It’s a defensible enterprise that’s well defended, where we can outwit, outmaneuver, we’re more agile than the adversary in that space – that I think is the goal.”