Logo

American Security Council Foundation

Back to main site

Alan W. Dowd is a Senior Fellow with the American Security Council Foundation, where he writes on the full range of topics relating to national defense, foreign policy and international security. Dowd’s commentaries and essays have appeared in Policy Review, Parameters, Military Officer, The American Legion Magazine, The Journal of Diplomacy and International Relations, The Claremont Review of Books, World Politics Review, The Wall Street Journal Europe, The Jerusalem Post, The Financial Times Deutschland, The Washington Times, The Baltimore Sun, The Washington Examiner, The Detroit News, The Sacramento Bee, The Vancouver Sun, The National Post, The Landing Zone, Current, The World & I, The American Enterprise, Fraser Forum, American Outlook, The American and the online editions of Weekly Standard, National Review and American Interest. Beyond his work in opinion journalism, Dowd has served as an adjunct professor and university lecturer; congressional aide; and administrator, researcher and writer at leading think tanks, including the Hudson Institute, Sagamore Institute and Fraser Institute. An award-winning writer, Dowd has been interviewed by Fox News Channel, Cox News Service, The Washington Times, The National Post, the Australian Broadcasting Corporation and numerous radio programs across North America. In addition, his work has been quoted by and/or reprinted in The Guardian, CBS News, BBC News and the Council on Foreign Relations. Dowd holds degrees from Butler University and Indiana University. Follow him at twitter.com/alanwdowd.

ASCF News

Scott Tilley is a Senior Fellow at the American Security Council Foundation, where he writes the “Technical Power” column, focusing on the societal and national security implications of advanced technology in cybersecurity, space, and foreign relations.

He is an emeritus professor at the Florida Institute of Technology. Previously, he was with the University of California, Riverside, Carnegie Mellon University’s Software Engineering Institute, and IBM. His research and teaching were in the areas of computer science, software & systems engineering, educational technology, the design of communication, and business information systems.

He is president and founder of the Center for Technology & Society, president and co-founder of Big Data Florida, past president of INCOSE Space Coast, and a Space Coast Writers’ Guild Fellow.

He has authored over 150 academic papers and has published 28 books (technical and non-technical), most recently Systems Analysis & Design (Cengage, 2020), SPACE (Anthology Alliance, 2019), and Technical Justice (CTS Press, 2019). He wrote the “Technology Today” column for FLORIDA TODAY from 2010 to 2018.

He is a popular public speaker, having delivered numerous keynote presentations and “Tech Talks” for a general audience. Recent examples include the role of big data in the space program, a four-part series on machine learning, and a four-part series on fake news.

He holds a Ph.D. in computer science from the University of Victoria (1995).

Contact him at stilley@cts.today.

U.S. Lacks Key Abilities to Avert Cyberattacks, Commission Says

Thursday, March 12, 2020

Categories: ASCF News Emerging Threats Cyber Security

Comments: 0

WASHINGTON—The U.S. government needs to adopt structural changes not seen since the aftermath of the 2001 terrorist attacks to confront proliferating cyber threats that increasingly endanger national and economic security, a government commission has concluded.

The Cyberspace Solarium Commission will release a report Wednesday detailing the results of a monthslong study, calling for changes ranging from modifications of existing functions to the substantial overhaul of the federal government.

One recommendation, for example, urges the creation of new committees in Congress dedicated solely to cybersecurity. Another calls for creation of a Senate-confirmed post of national cyber director in the White House.

In sometimes stark language, the commission assesses bluntly that the U.S.’s current approach to preventing or mitigating damage from cyberattacks is fundamentally flawed and in need of immediate change.

“The U.S. is currently not designed to act with the speed and agility necessary to defend the country in cyberspace,” the report said. “Our country has lost hundreds of billions of dollars to nation-state-sponsored intellectual property theft using cyber espionage.”

The report says the U.S. must better prepare for a major cyberattack that could, for example, “create chaos and lasting damage exceeding that wreaked by fires in California, floods in the Midwest, and hurricanes in the Southeast.”

The commission is a congressionally mandated body formed last year and led by bipartisan members of Congress and current and former officials from various federal agencies.

Authors of the report acknowledged in interviews that several recommendations may be difficult to achieve, even in the long term, given political hurdles and Washington’s tendency to stick to the status quo in the absence of crisis.

“This is the 9/11 Commission report without 9/11,” said Sen. Angus King, a Maine independent who caucuses with Democrats and co-chaired the commission. “We understand that this is a tall order.”

A core theme of the 182-page report is that successive presidential administrations have largely failed to deter Russia, China and other adversaries, including criminal groups, from carrying out increasingly debilitating cyberattacks. Cyber policy experts have discussed deterrence for years but have found that traditional tools—such as sanctions or indictments—yield little to no change in behavior.

The report outlined a three-tiered strategy of “layered cyber deterrence” to reduce the consequences of cyberattacks. Those layers include shaping acceptable international norms in cyberspace, denying benefits to adversaries seeking gain through cyber capabilities and imposing greater costs—including direct retaliation when necessary—on those who do.

“The three layers of cyber deterrence rest on a common foundation: the need to reform how the U.S. government is organized to secure cyberspace and respond to attacks,” the report said.

Several other commissions have studied cybersecurity and recommended dramatic new approaches by the federal government. But those typically haven’t involved current members of Congress or senior leadership from federal agencies.

Four U.S. lawmakers are serving on the 14-member Cyberspace Solarium Commission, as well as senior national security officials, including Federal Bureau of Investigation Director Chris Wray and Chris Inglis, former deputy director of the National Security Agency.

The commission’s goal of a bipartisan, bicameral consensus around strategies to better defend the U.S. in cyberspace was lauded by experts. “We are stuck in a rut on the key cyber policy issues of our time,” said Sasha O’Connell, a former senior FBI official who worked on technology policy issues. She added the commission “is a huge success in moving us out of this stuck spot.”

But Ms. O’Connell, who teaches cyber policy governance at the School of Public Affairs at American University, said the effort suffered from a lack of involvement from major technology companies, such as Google parent Alphabe t Inc. and Microsoft Corp. Also absent, she said, were smaller businesses that are disproportionately affected by cyberattacks and have relatively few resources to address them.

The commission held more than 300 meetings with private industry and other stakeholders and included the chief executive of an energy firm among its members. Silicon Valley involvement, however, would have “enhanced the commission’s credibility at a minimum and potentially its recommendations as well,” Ms. O’Connell said.

Among more than 75 recommendations, the commission calls for new stand-alone committees in the House and Senate dedicated exclusively to cybersecurity. The new committees, modeled after the creation of the intelligence committees in the 1970s, would seek to integrate oversight of the federal government’s cybersecurity efforts under one congressional body.

Currently, dozens of committees and subcommittees claim some responsibility for federal cybersecurity matters. Commission members acknowledged that the recommendation to overhaul Congress would be difficult to achieve and may require years of lobbying to receive serious consideration.

During sometimes contentious meetings held on Capitol Hill, the commission wrestled with cyber policy questions that have bedeviled experts for decades but often led to inaction. To combat inertia, the report includes an appendix of draft legislation for recommendations requiring an act of Congress.

Lawmakers on the commission said they intended to introduce some of that legislation in coming weeks and noted that parts of it closely resemble existing legislative proposals.

“It is our hope that we will be able to immediately inject some of the recommendations into the bloodstream of Washington,” said Rep. Mike Gallagher (R., Wis.), who co-chaired the commission.

Lawmakers on the commission said they intended to introduce some of that legislation in coming weeks and noted that parts of it closely resemble existing legislative proposals.

“It is our hope that we will be able to immediately inject some of the recommendations into the bloodstream of Washington,” said Rep. Mike Gallagher (R., Wis.), who co-chaired the commission.

Photo: ‘This is the 9/11 Commission report without 9/11,’ said Sen. Angus King, a Maine independent who caucuses with Democrats and co-chaired the commission. PHOTO: TOM WILLIAMS/ZUMA PRESS

Link: https://www.wsj.com/articles/u-s-lacks-key-abilities-to-avert-cyber-attacks-commission-says-11583882786

Comments RSS feed for comments on this page

There are no comments yet. Be the first to add a comment by using the form below.