CSC 2.0 Reports

Securing America’s Digital Future: A Bipartisan Cybersecurity Roadmap for the Next Administration

By Frank Cilluffo, Mark Montgomery, George Barnes, Joshua Whitman

A Report by the McCrary Institute for Cyber and Critical Infrastructure at Auburn University and the Cyberspace Solarium Commission 2.0

download report

Executive Summary

The United States stands at a critical juncture in its cybersecurity journey. As we navigate an increasingly complex and interconnected digital landscape, the challenges we face are not merely technical but existential, threatening the very foundations of our national security, economic prosperity, and democratic way of life. This report, building upon the groundbreaking work of the Cyberspace Solarium Commission while addressing current gaps and emerging threats, presents a comprehensive roadmap for the incoming administration to secure America’s digital future.

The scope and severity of cyber threats facing our nation cannot be overstated. In fact, these threats represent an existential threat to our democratic way of life. From state-sponsored attacks and cyber espionage to the relentless surge of ransomware targeting our critical infrastructure, the cyber domain has become a battlefield where our adversaries seek to undermine our strengths and exploit our vulnerabilities. The costs are staggering – hundreds of billions of dollars annually in economic losses are predecided, not to mention the incalculable damage to our national security and the erosion of public trust in our institutions.

Yet, amid these challenges lies an unprecedented opportunity. The incoming administration has the chance to take decisive action, implementing a whole-of-nation approach that harnesses the collective power of government, industry, and individual citizens to secure our digital future. This is not just about defending against threats; it’s about positioning the United States to maintain the lead in the growing global digital economy, fostering innovation, and preserving the values that define us as a nation, recognizing that cybersecurity now impacts every aspect of American life – from our economy and national security to our daily personal interactions and democratic processes

Cybersecurity is inextricably linked to our nation’s economic competitiveness on the global stage. It’s not just about protecting our assets; it’s about maintaining America’s technological edge and economic leadership. Strong cybersecurity measures are critical for protecting intellectual property, maintaining business continuity, and fostering innovation. In an increasingly digital global economy, our cybersecurity capabilities directly impact our ability to compete and lead in key industries and emerging technologies. As such, the recommendations in this report should be viewed not only through the lens of national security but as essential components of a comprehensive strategy to enhance America’s economic competitiveness.

This report outlines eight critical themes that demand immediate attention and sustained effort:

  1. Harmonization of Cybersecurity Regulation
    • Conducting a comprehensive review of cybersecurity-related statutes and regulations to identify gaps and inconsistencies.
    • Establishing a cross-agency task force to streamline and coordinate cybersecurity regulations.
    • Developing a common set of cybersecurity standards adaptable to sector-specific needs.
  2. Strengthening Government Coordination
    • Enhancing the role and authorities of the Office of the National Cyber Director.
    • Strengthening CISA’s capabilities and mandate.
    • Improving coordination with state, local, tribal, and territorial governments.
  3. Cost Imposition and Deterrence
    • Developing a comprehensive offensive strategy to proactively disrupt and degrade adversary capabilities.
    • Establishing a designation process for state sponsors of cybercrime.
    • Enhancing our ability to attribute attacks and hold bad actors accountable.
  4. Resilience
    • Developing a comprehensive system for critical asset identification and prioritization.
    • Establishing sector-specific security standards for both IT and OT systems.
    • Creating a national-level exercise program to test and improve our cyber resilience.
  5. Shaping the International Environment
    • Strengthening the State Department’s cyber diplomacy efforts.
    • Promoting an open, interoperable Internet globally.
    • Enhancing international cooperation on cybersecurity standards.
  6. Workforce Development
    • Developing a national K-12 cybersecurity curriculum.
    • Expanding programs like CyberCorps and Scholarship for Service.
    • Creating flexible volunteer systems and employment arrangements to leverage private sector expertise.
  7. Critical and Emerging Technologies
    • Creating a unified national list of critical and emerging technologies.
    • Enhancing supply chain security for critical technologies.
    • Developing a quantum-safe cryptography transition plan.
  8. Resources, Economy, and Continuity
    • Significantly increasing budget and resources for Sector Risk Management Agencies.
    • Enhancing NIST funding to support its critical work in developing cybersecurity standards.
    • Conducting robust Continuity of the Economy planning.

Visit Auburn University’s McCrary Institute for more information