A report released by the Foundation for Defense of Democracies (FDD) on Sept. 19 argues that Congress should take another look at legislative recommendations published by the Cyberspace Solarium Commission to shore up U.S. cyber defenses and decide whether to enact them.
While the report recounts that about 70 percent of the commission’s recommendations have been implemented by Congress since 2020, it also says the remaining recommendations are ones that legislators still need to consider.
“Significant work remains necessary to build an effective cybersecurity partnership between the public and private sectors,” the report says. “This will require a careful balancing of incentivization, collaboration, and, only where necessary, regulation across and between each of the country’s critical infrastructure sectors.”
The Cyberspace Solarium Commission was created back in 2019 by the National Defense Authorization Act to “develop a consensus on a strategic approach to defending the United States in cyberspace against cyber-attacks of significant consequences.”
Among the commission’s recommendations that have become law since then are measures to establish the Office of the National Cyber Director, and to firm up authorities of the Cybersecurity and Infrastructure Security Agency.
Some of the key recommendations that the Federal government needs to work on, this week’s report says, include the following:
- Create House Permanent Select and Senate Select Committees on Cybersecurity.
- Establish Liability for Final Goods Assemblers;
- Fund research and development centers to explore cybersecurity insurance certificates; and
- Reassess and amend use of force rules.
“Russia and China have conducted significant espionage attacks on the U.S. government and industries and have reportedly embedded malware in U.S. critical infrastructure to facilitate future nefarious activity,” stated Sen. Angus King, I-Maine, and Rep. Mike Gallagher, R-Wis., in the new report. “Criminal actors have also expanded both ransomware and cyber theft activities. We cannot afford to pause in the pursuit of enhanced cybersecurity,” the lawmakers said.