Joe Biden made a clear statement of intent on cyber security even before his term began by proposing $9bn of funding for the US’s cyber security capabilities. This announcement in January included enhancing the work of the country’s Cyber Security and Information Security Agency (CISA), cyber security upgrades across other federal agencies, and a number of national security appointments, including a new deputy national cyber security adviser.
In his statement, Biden said these measures were “building capacity to prepare for, and respond to, the full spectrum of threats we face”. Indeed, his presidency follows the exposure of one of the most significant cyber security incidents in recent years, the long-running SolarWinds campaign that was discovered in December 2020. It was a stark reminder of the threats the US and other governments worldwide face, and has rightly made cyber security a priority of this presidential term.
Further clues of the direction this administration may take on cyber security can be found by taking a closer look at the National Security Agency’s (NSA) Cybersecurity Directorate.
Established in October 2019, the directorate was created to “prevent and eradicate threats to the nation’s most sensitive systems and critical infrastructure, with an initial focus on the Defence Industrial Base and its service providers”. One year on, the NSA’s 2020 Year in Review provides an insight on what has been achieved already, as well as some indication of what is to come.
This past year, for example, the NSA, like its UK counterpart the NCSC (National Cyber Security Centre), has faced the monumental challenge of protecting government employees in new working conditions. One of its greatest achievements was enabling 100,000 employees across the Department of Defence (DoD) to safely move to remote working. The NSA also faced an upswing in activity from hackers because of the pandemic.
Of course, the challenges of 2020 were extraordinary, but the cyber security measures the NSA put in place in response will remain relevant for the future. The protection of government employees outside the office will remain a priority and the protection of national security assets – such as that in the healthcare industry – will continue to be a focus.
However, if we zoom out from the detail, the wording of the report itself offers some interesting insights into the national cyber defence trends we can expect in this inaugural year.
For example, communication across government is becoming more critical. The NSA report emphasised that a key step in boosting the resilience of departments was to build trust by sharing unclassified threat and cyber security advice more broadly to help all organisations keep themselves secure.
There are also clear signs of direct collaboration between industry and government, becoming more acceptable as leaders seek out the cutting-edge cyber security solutions they need to protect national assets amid escalating threats. The US Defence Industrial Base, for example, encompasses more than 100,000 companies and the report dedicates an entire section to new ideas that can build cyber resilience.
International collaboration
There are also indications from the NSA report that, beyond more collaboration between industries and organisations, transparency and international collaboration will become an increasing focus.
This is part of a wider trend of openness and intelligence-sharing around cyber security that we have seen worldwide, for example with agencies beginning to call out those launching state-sponsored attacks, as the NSA does throughout the report. Historically, such openness has not been common from the security services, but it is something that is becoming more prevalent – for example, the UK government’s own Russia Report.
With the open identification of enemies, alliances are being tacitly forged between like-minded nations against a common foe. This, again, is something Biden directly addressed in his January statement, saying that the increased funding for cyber security will help the US “work with our allies and friends to ensure the cyber rules of the road are made by democracies”.
The power of greater international cooperation in tackling malicious activity was recently demonstrated in the coordinated takedown of the Emotet botnet in January. A collaborative effort between nations including the US – alongside the Netherlands, Germany, the UK, France, Lithuania, Canada and Ukraine – disabled one of the most persistent threat groups that has faced individuals and organisations over recent years.
Cyber criminals have long exploited the complexity of enforcing cyber security law across borders, but the Emotet takedown demonstrates that there is a method of closing these gaps through international collaboration.
Indeed, collaboration may become the common theme of the Biden administration’s cyber security programme. Whether it is across government departments, with the private sector, or between nations, increased openness, transparency and coordination has already proved to be effective in tackling international cyber criminal activity and improving the US’s national security posture in the process.
