U.S. cybersecurity needs a complete overhaul to be effective, Congressional committee says

The bad news: this will take a while to implement.

Tom Williams/CQ-Roll Call, Inc./Getty Images

An official commission has announced plans to overhaul the way the U.S. government treats cybersecurity in an attempt to improve the country’s defense against internet attacks.

The Cyberspace Solarium Commission, which was created as an act of Congress in 2018, has big plans for the future of the U.S.’s cybersecurity tactics. After completing 30 meetings and 300 interviews, the commission has made more than 75 recommendations for implementation.

The recommendations amount to no less than a complete modernization of the country’s cybersecurity strategy. With modern cyberspace evolving at a neck-breaking pace, we need to update our protections as swiftly as possible. And that’s where we might face some problems.

New offices and training — Some of the most transformative recommendations made by the commission revolve around the creation of new federal offices tasked specifically with national cybersecurity. That includes a full Bureau of Cyber Statistics, as well as a Senate-confirmed National Cyber Director and both House and Senate Cybersecurity Committees.

The commission also recommends updated training for existing agencies such as the cyber arm of the Department of Homeland Security and the State Department. It also calls for increased cybersecurity training for the military.

But this will take a while — The Solarium Commission makes excellent points in recommending a fairly all-encompassing revamp of the federal government’s cybersecurity preparedness strategy. Here’s the issue: bureaucracy. The creation of entirely new government offices is not a speedy process — not by a long shot. Neither is the implementation of new training protocols.

The slowest processes will be the ones that would require support from the White House. President Trump is notoriously unwilling to review cybersecurity policy for fear of greater questioning of his presidency.

The commission’s recommendations are warranted; cybersecurity policy in the U.S. has failed to match the growth of the internet for a very long time indeed. But that’s unlikely to change any time soon — and, by the time it does, there’s sure to be a wealth of new cyber-problems to deal with. The government will need to expedite its processes if it ever hopes to do more than play infinite catch-up.