Date: 2021-02-01

The events of January 6 at the US Capitol and the excitement aroused by Joe Biden’s inauguration have overshadowed the continuing repercussions of the massive breach of SolarWinds Corp. data by suspected Russian hackers. But what can the new government team do to keep the country safe in cyberspace?

Let’s start with the scale of the breach. SolarWinds was a major vendor to tens of thousands of customers, including hundreds of companies on Forbes magazine’s list of the 500 largest companies in the United States and almost the entire American government. It says at least 18,000 institutions have been affected by the attack.

SolarWinds provides an important service to its customers: ensuring that their software is updated in a timely and efficient manner, which gives it access to all of its customers’ networks and databases. By infiltrating SolarWinds, the hackers were therefore able to reach this huge list of companies.

The attack was very large, and there are still many things that we do not know about it. This is due in part to the sophistication and level of resources available to the hackers, and in part to the fact that there is still a limited culture of sharing the results of breaches between the public and private sectors.

Despite the offensive superiority of cyber criminals, collectively the United States can do better in self-defense. But SolarWinds is a clear example that technology alone cannot solve cybersecurity problems. Even the highly sophisticated intrusion detection system that the Department of Homeland Security possesses could not prevent the hackers from operating without being exposed for nearly a year.

This means that companies and the US government must give greater priority to supply chain security and third-party risk management, to stop attackers at the initial source of risk. And if the target this time was SolarWinds, there are thousands of other software companies that may be next on the list of targets.

Undoubtedly, the Biden administration faces many pressing international security issues, such as returning to the Iranian nuclear agreement (or not), resuming negotiations with North Korea, developing a coherent strategy for dealing with China, establishing a partnership with India, and restoring a smooth relationship with the European Union, among others. The challenge that worries me most, however, is the cybersecurity vulnerabilities in sensitive infrastructures and democratic institutions against external, state and non-state actors.

Therefore, one of the first things to do is to take out the excellent report released by the Federal Cyberspace Commission and follow most of its recommendations. The report, released last July, is replete with bright and specific ideas and proposals for improving America’s cybersecurity policy. Among the organizational ideas in the report are the introduction of serious representation of cyberspace experts in the White House, and a position on the “National Security Council” with sufficient power to warrant confirmation of its occupant by the Senate.

The new administration should also create an integrated cyber force. The Trump administration was right when it created a space force, recognizing that US national security is highly dependent on the ability to operate in space, and that securing it requires specific skills concentrated in a single institution. Likewise, we are overdue in establishing an independent, elite branch of the armed forces in which all personnel wake up every morning thinking about defending the country in cyberspace.

Another step, long overdue, is the separation of the “National Security Agency” and “American Cyber Command.” The former is an intelligence-gathering body that should be led by a high-ranking civilian, preferably with training in law and cybersecurity. The latter is a military combat command that falls under a four-star officer. The two are now led by the same person, the head of the Pentagon’s “cyber command”. However, each of them is too big, too important, and too different from the other to share one leader.

Of course, the two agencies will continue to share information and remain linked, along the lines of the CIA and the Defense Department. However, with the passage of time, each of them will be strengthened by an official separation. While Congress has authorized this separation, the Secretary of Defense has not yet ratified the change.

There are many other ideas that the new administration should research and study, from a cyber-insurance architecture (similar to flood insurance) to requiring higher levels of transparency from companies when they are exposed to hacking or cyber attacks. These are long-term discussions. However, the SolarWinds hack shows the need for public and private entities to move intelligently to improve the level of protection in cyberspace. There is no doubt that the commission’s report, the creation of a cyber force, and the separation of the “National Security Agency” and “Cyber Command” are all good beginnings.

* A retired admiral in the US Navy, former commander-in-chief of NATO, and Honorary Dean of the Fletcher School of Law and Diplomacy at Tufts University

To be published in a special arrangement with the Washington Post and Bloomberg News Service.