An undated draft proposal developed by the President’s National Security Telecommunications Advisory Committee (NSTAC) for a national “moonshot” to dramatically improve cybersecurity envisions at ten-year horizon to get to the “fundamental goal of making the Internet safe and secure.”
According to numerous press reports, NSTAC delivered its Cybersecurity Moonshot report to the White House earlier this month for consideration. A final copy of the document has not been released, and the White House has not announced an endorsement of the proposal.
Here are some of the high points of the proposal, described in the draft proposal as “the beginning elements of a Cybersecurity Moonshot Initiative playbook”:
- The initiative should be introduced and championed by the President or Vice President “to clearly signal that addressing cybersecurity challenges in an enduring manner is a strategic imperative fundamental to the nation’s future,” and should be introduced in a “forum of national significance” such as a State of the Union speech or a special address to a joint session of Congress;
- The initiative must take a “whole of nation” approach including a “multi-tiered governance model spanning the Government, industry, and academia that align their inherent capabilities and activities toward realizing a safe and secure Internet”;
- The initiative should be carried out through an administration-led “Cybersecurity Moonshot Council” that will advocate for funding, develop national strategies, and “create policies and processes that empower and incentivize non-governmental stakeholders to drive accelerated innovation” in defined moonshot enabling fields;
- The Council should be chaired by the President or Vice President, comprised of cabinet-level officials, and run by an executive director appointed by the President; and
- The Council should publicly articulate a strategic framework to organize whole-of-nation action, with NSTAC recommending a starting point in that framework composed of six strategic “pillars” – technology, human behavior, education, ecosystem, privacy, and policy.
Under the technology pillar, NSTAC recommends a “concerted national research and product development strategy” in several tech areas “to bring them to bear against the national cybersecurity challenge,” including augmented intelligence, quantum communications and quantum resistant cryptography, behavioral biometrics, and 5G wireless communications. Growth in each of these areas could be stimulated through “Cybersecurity Grand Challenges” in order to “outpace competitive international efforts,” NSTAC said.
The privacy pillar states that American citizens have “practical certainty” that the moonshot initiative “will not create privacy vulnerabilities, but instead enhance privacy assurance and ensure that their personal data and transactions will remain protected, and in their control.”
Finally, the report recommends that the Council created to advance the moonshot goal focus most immediately on a series of Grand Challenges that take advantage of “audacious thinking, outcome-based incentivization, open innovation, [and] solution crowdsourcing.”
“This report lays out a path for a future state of the Internet that is resistant and resilient, values personal privacy and accountability, is available and accessible, and leverages emerging technological capabilities for good,” NSTAC said in the draft report.
“This path will require dramatic changes in education and policy, the establishment of Grand Challenges that Americans can rise to meet, more strongly aligned incentives for secure behaviors and consequences for malicious ones, and a fundamental understanding of the global, interconnected nature of the Internet,” it said.
“The report presents a path where America can lead the world by example and should serve as both a guide and a warning, that when it comes to the preservation of trust and safety of the Internet and our digital way of life that depends on it, failure is not an option,” NSTAC said.