A group of 40 public and private sector experts unveiled a report Tuesday that lays out more than three dozen cyber policy recommendations for the next administration to prioritize when elected in November.
The suggested plan of action – spearheaded by Auburn University’s McCrary Institute for Cyber and Critical Infrastructure – is a follow-up to the report released last month by CSC 2.0, the private sector successor to the government’s Cyberspace Solarium Commission.
The Presidential Transition Task Force Report is led by dozens of former Federal leaders, including the executive director of CSC 2.0 retired Navy Rear Adm. Mark Montgomery and McCrary Institute’s director and previous special assistant for homeland security to President George W. Bush Frank Cilluffo. The report offers 39 recommendations to the incoming president, including five actions that should be completed within the first 100 days in office.
“The incoming administration has the chance to take decisive action, implementing a whole-of-nation approach that harnesses the collective power of government, industry, and individual citizens to secure our digital future,” the report says.
“This is not just about defending against threats; it’s about positioning the United States to maintain the lead in the growing global digital economy, fostering innovation, and preserving the values that define us as a nation, recognizing that cybersecurity now impacts every aspect of American life – from our economy and national security to our daily personal interactions and democratic processes,” it adds.
The report notes five immediate actions that the incoming administration should prioritize that will “address major systemic issues promptly”: establish a high-level task force to begin the process of regulatory harmonization; initiate a comprehensive review of the national cybersecurity strategy; launch a national initiative to address the cybersecurity workforce shortage; convene a summit of industry leaders to strengthen public-private partnerships and develop concrete plans for enhancing the security of critical infrastructure; and begin the process of developing a national Continuity of the Economy plan to ensure the ability to maintain essential economic functions in the face of significant cyber disruptions.
The report also offers insight into much larger cyber goals the next administration should pursue over four years across eight different categories:
- Harmonization of cybersecurity regulation;
- Strengthening government coordination;
- Cost imposition and deterrence;
- Resilience;
- Shaping the international environment;
- Workforce development;
- Critical and emerging technologies; and
- Resources, economy, and continuity.
Key recommendations across these categories include establishing a cross-agency task force to streamline and coordinate cybersecurity regulations and developing a common set of cybersecurity standards.
“The current regulatory landscape for cybersecurity is a patchwork of overlapping, sometimes conflicting mandates that often hinder rather than help our security efforts,” the report says. “The urgency of [harmonizing cyber regulations] cannot be overstated. Our fragmented regulatory approach is not just inefficient; it’s dangerous, creating vulnerabilities that our adversaries are all too eager to exploit.”
Other key recommendations include developing a comprehensive offensive strategy to proactively disrupt and degrade adversary capabilities and creating a national-level exercise program to test and improve our cyber resilience.
“[The report] actually looks clear-eyed at what the underlying nature of cyberspace is and then comes up with some very clear-eyed recommendations that are actionable at every turn,” said former National Cyber Director Chris Inglis. “It took a hard look at what our dependencies are on digital infrastructure and tried to determine what further work should we undertake to make sure it meets our expectations.”
He continued, “So, if you’re on a transition team … and at this moment you’re trying to figure out what do I do about putting cyber in the right place, this is a really useful primer.”
