Effective national policy needed to protect the cyber domain
Our world is increasingly reliant on the cyber domain and the connections that it creates. We live in a world where the "internet of things" includes the smartphones and computers we use every day and also seemingly benign objects such as factory robots and appliances in our homes. This digital connection to the world around us brings great convenience, efficiency and prosperity, but vulnerability accompanies it.
Early this month, the discovery of two critical flaws in the design of processing chips found in most of our devices reaffirmed this fact.
Until recently, we were not paying enough attention to security in the cyber domain. Hardware, software and network designers often prioritized performance over security. However, our adversaries were paying attention, and the risk of cyberattack and data breaches is increasing.
Cyberspace is a borderless domain that leaves loopholes for our enemies. As stated in the National Security Strategy (NSS), cyberspace provides "opportunities to seriously damage or disrupt critical infrastructure, cripple American businesses, weaken our Federal networks, and attack the tools and devices Americans use every day." In short, a cyberattack could threaten any of us, and originate from anywhere, at any time. Cybersecurity is not just a domestic policy issue; it is a national defense issue.
The recently released National Defense Strategy unequivocally identifies cyberspace as a warfighting domain and promises further investment to ensure our continued relevance in cyberspace. Congress is heeding the call. The recently passed National Defense Authorization Act takes steps ensuring the security of our acquisition programs by limiting influence of foreign-made technology. It also calls on the president and secretary of defense to develop a national cyber policy that ensures we integrate our considerable cyber capabilities across the government.
National defense is more than just military policy. That's why we also enhanced cybersecurity education programs by authorizing $10 million this fiscal year for scholarships and grants to help colleges train students in cyber education, and $8 million for education of military reserve and National Guard members. We added additional support to promote educator recruitment in cybersecurity and improve teaching methods and computer science curriculums for kindergarten through grade 12.
Good national policy starts at the state and local level. I'm proud Colorado's 5th Congressional District leads the way in this arena. The Colorado Springs community is home to more than 80 cybersecurity employers, including five designated as workforce training organizations.
Strong partnerships between employers, government and academia — fueled in part by federal workforce and small-business development efforts — is bridging critical skills gaps between training and hiring. Continued development of our highly skilled cyber workforce is a minimum requirement if our country is to lead the way.
The recently established National Cybersecurity Center (NCC) provides public officials and employers nationwide with training and leadership to collaborate, respond and recover from cyberattacks. The NCC demonstrates the critical importance of addressing cybersecurity holistically as a national goal rather than segmenting between public, private and defense sectors.
Our local military partners understand this well. In 2016, the Air Force stood up its CyberWorx venture at the U.S. Air Force Academy. CyberWorx is a joint public-private effort to foster ingenuity and resolve problems requiring timely, innovative solutions. With assistance of the Catalyst Campus' Center for Technology, Research and Commercialization, CyberWorx teamed with nearly 50 industry and academic organizations its first year alone, and the Air Force has directed further expansion. Catalyst Campus itself is a "collaboratory" where innovative small businesses actively collaborate with government to discover, develop and rapidly prototype solutions to military space and cyber problems.
As stated in the NSS, "Protection from persistent cyberattacks is needed to support America's future growth." Colorado's 5th Congressional District leads the way on public-private partnerships to accomplish just that.
We can do more. The lack of a stable budget for our military prevents their advances in cyberspace, and Congress owes it to the nation to pass a budget and fully fund our defense. Furthermore, Congress should continue to invest in cybersecurity through strong national policy to promote effective public-private cybersecurity partnerships, limit unnecessary regulation and further protect national interests in cyberspace. Strong cybersecurity protects all Americans. We must do everything we can to ensure access, reliability and protection in this domain.
• Rep. Doug Lamborn, Colorado Republican, serves on the House Armed Services Committee and the House Natural Resources Committee, where he is Chairman of the Subcommittee on Water, Power and Oceans.