White Papers

Cybersecurity Lessons from the Pandemic

By Cyberspace Solarium Commission

This white paper highlights over 30 recommendations from the March 2020 report, along with four new recommendations.

The COVID-19 pandemic is challenging our resilience on a national scale and illustrates the challenges with building and maintaining resilience in a modern, connected world. The lessons the country is learning from the ongoing pandemic are not perfectly analogous to a significant cyberattack, but they offer many illuminating parallels. As a result, the pandemic highlights the importance of many of the Commission’s recommendations. The Commission’s “Pandemic Annex” collects observations from the pandemic as they relate to the security of cyberspace, in terms of both the unique cybersecurity challenges it creates and what it can teach the United States about how to prepare for a major cyber disruption. It also offers a few new recommendations that were created in light of gaps identified as a result of the pandemic.

The white paper highlights over thirty of the Commission’s original recommendations that were published in March 2020. These recommendations include:

  1. Establishing a National Cyber Director to coordinate the federal government’s incident response activities and serve as the focal point for private sector leaders to engage the executive branch on cybersecurity issues,
  2. Substantially modifying the Commission’s original recommendation to expand the update of secure cloud services to now call on Congress to include digitization grants to state, local, territorial, and tribal governments as part of COVID-19 stimulus,
  3. Developing and maintaining continuity of the economy planning to ensure continuous flow of goods and services regardless of a disruption’s cause, and
  4. Building societal resilience to disinformation.

The white paper also notably adds four new recommendations. These include:

  1. Urging Congress to pass an Internet of Things Security Law
  2. Increasing support to nonprofits that assist Law Enforcement efforts to combat cybercrime and support victims
  3. Support for establishing a Social Media Data and Threat Analysis Center
  4. Increasing nongovernmental capacity to identify and counter foreign disinformation and influence campaigns.