Final Draft

Topic: The evolution of the US Cyber Strategy

Adjoa N. Amponsah

Arizona State University

Course Title: GSC 550: Capstone

Instructor: Prof. Kubiak

November 13, 2022

Cyber Strategy

The security and prosperity of the United States depend heavily on how it responds to challenges and opportunities in cyberspace. National defense, critical infrastructure, and the daily lives of U.S. citizens rely on interconnected information technologies. New vulnerabilities and threats have always emerged throughout history, forcing the country to develop cyber strategies to address them (Aljohani, 2022). The U.S. cyber strategy has evolved over the years to improve its efficiency in addressing emerging cyber threats. For the last two decades, the published National Security Strategy has treated cyber issues differently. This paper analyses the budgetary issues of cyber-related strategic development within the Department of Defense (DoD) since 2000 and recommends future cyber strategies to help the country address cyber threats and vulnerabilities better.

Comment by Jeff Kubiak: Do you actually get to budgetary numbers? Or are you looking at more narrative and organization?

Evolution of Strategy Since 2000

Playing offense: JFCC-NW & NSA

After the attack on September 11, 2001, the Bush administration developed various pieces of legislation and published numerous documents that shaped U.S. cybercrime policies (LaFree, 2022). The most notable were the Homeland Security Act, which in 2003 established the Department of Homeland Security; the Patriot Act, which expanded the surveillance reach of the National Security Agency to fight both foreign and domestic terrorism; and the National Strategy to Secure Cyberspace (White House, 2002). The National Strategy to Secure Cyberspace required the security agencies to improve their attribution capabilities, strengthen their counterintelligence efforts, and deconflict interagency coordination, and it declared that the U.S. reserves the right to respond in an appropriate manner to cyberattacks by terrorist groups, states, and any other adversaries.

Although the policies made the U.S. cyberspace posture more deterring and more responsive to cyber threats, it is unclear whether the agencies concerned actually gained the capabilities or whether a mere legal capacity was established without the capabilities being assembled (Soesanto, 2019). For instance, the Government Accountability Office designated the creation of the DHS as high risk because the government was merging twenty-two agencies, the majority with management challenges, into a single department. Failing to effectively resolve the program and management challenges arising from such efforts could put U.S. national security at high risk. Unsurprisingly, the NSA's role under the Bush administration negatively affected the Department of Defense. In 2003, the Department of Defense's offensive mission was moved to a Network Attack Support Staff from the Joint Task Force-Global Network Operations (JTF-GNO), which was under the control of STRATCOM but housed at the headquarters of the NSA in Fort Meade, Maryland. By January 2005, the support staff had been consolidated into JFCC-NW (Joint Functional Component Command – Network Warfare), commanded by the NSA Director (LaFree, 2022). Therefore, while on the defensive end of the DoD the DISA Director acted as the dual-hatted head of JTF-GNO, on the offensive end the NSA Director operated as the dual-hatted head of JFCC-NW, making strategy management challenging.

Comment by Jeff Kubiak: Not clear why this wasn't surprising.

Comment by Jeff Kubiak: There is a lot going on here, and with all the acronyms, it gets a little confusing, but this is a nice point.

While on paper the U.S. Department of Defense's cyber strategy looked clearly organized and well split, its operational results were mixed. The Joint Task Force-Computer Network Operations (JTF-CNO) did well against various worms and viruses that hammered networks worldwide in the early 2000s. However, in 2003, there was a series of well-coordinated computer intrusions into the unclassified systems of the Army Space and Strategic Defense Command, DISA, the State Department, various DoD contractors, and another government system, which went undetected for several months. After investigations by Shawn Carpenter, a network security analyst, the attackers were traced back to Chinese routers located in Guangdong.

Comment by Jeff Kubiak: Citation needed.

The 2003 data breaches are generally considered the first incident of Chinese-sponsored cyber-espionage against United States government targets. However, Byzantine Candor, a group based in Shanghai, could have been the very first Chinese-state-associated actor to undertake computer network exploitation against U.S. government targets. The group has targeted U.S. government agencies since 2002. The targeted systems included those of the State Department and the Department of Energy, as well as commercial networks and systems. The JFCC-NW, on the offensive end, was confronting its own existential problems when, in May 2004, videos showing the execution of Nicholas Berg, an American freelance journalist, popped up on Jihadi websites.

Comment by Jeff Kubiak: Again, citation needed.

In 2006, the DoD published the National Military Strategy for Cyber Operations (NMS-CO), its first cyber strategy, which demonstrated the intent of the Pentagon to attain military strategic cybersecurity superiority in order to deal better with cybersecurity threats and advance U.S. interests. The strategy aimed at deterring malicious adversaries' use of cyberspace while enhancing confidence, freedom of action, and trust in U.S. cyber operations. The U.S. sought to influence its adversaries' decision-making processes through deterrence by imposing economic, political, or military costs. The U.S. government needed this cyberspace superiority to defend and shape cyberspace; to tag, locate, and track terrorists in various domains such as cyberspace; and to respond effectively to attacks on U.S. critical infrastructure. All these advantages were achieved through the kinetic missions conducted by the DoD to preserve strategic advantage and freedom of action in cyberspace. For instance, a US drone strike in 2015 took out Junaid Hussain, an ISIS hacker, at a petrol station in Syria, marking the first publicly known incident of an enemy cyber actor being targeted on the kinetic battlefield (Mostafa & Faragallah, 2019).

Comment by Jeff Kubiak: Citation.

Estonia 2007

In May 2007, the Department of Defense discovered it was missing a substantial piece of the cyber defense puzzle. Estonia, a US-NATO ally, was pummeled for twenty-two days straight with a politically motivated DDoS attack for transferring a Soviet-era monument from the center of Tallinn to its outskirts. Policy analysts were divided into two camps. The European side believed that the attacks were the start of cybermageddon and evidence of Russia's hybrid warfare doctrine. The Estonia incident demonstrated the stark contrast between the technical people and those responsible for articulating national security policies as an intervention for efficient response to cyber threats (Mostafa & Faragallah, 2019). Shortly afterwards, the cybermageddon narrative collapsed, and Estonian officials admitted that, without technical evidence, linking Russia with the DDoS attack was shaky. At this time, NATO had not yet acknowledged cyberspace as a critical domain of military operations.

Comment by Jeff Kubiak: One of the two sides...where is the other one?

The Comprehensive National Cybersecurity Initiative 2008

In 2008, the U.S. developed the Comprehensive National Cybersecurity Initiative. In January 2008, President Bush signed National Security Presidential Directive 54 (NSPD-54) and Homeland Security Presidential Directive 23 (HSPD-23) to better coordinate the government and enhance U.S. capability to deter, protect, detect, classify, attribute, monitor, interdict, and otherwise guard against unauthorized access to U.S. National Security systems, private sector critical infrastructure systems, and Federal systems (Yu et al., 2021). The Department of Homeland Security, under the leadership of its secretary, was assigned the duty to defend, protect, and decrease the vulnerabilities of the national systems (Soesanto, 2019). The role of the Defense Secretary did not change: his duties and responsibilities still covered defending and directing operations of the DoD's information systems, giving warnings and indications to the Department of Homeland Security concerning threats coming from outside the U.S., and coordinating with the Secretary of State to work with international organizations and foreign nations on international aspects of cybersecurity.

The Comprehensive National Cybersecurity Initiative (CNCI) established various cyber-related programs that focused on three major objectives. The first was creating a front-line defense against immediate threats by establishing or improving shared situational awareness of threats, network vulnerabilities, and events within the national government (Botelho et al., 2021). The second was enhancing U.S. counterintelligence capabilities against the full spectrum of threats by improving supply chain security for crucial information technologies. The third was strengthening the future cybersecurity environment by establishing and developing strategies for deterring malicious or hostile cyberspace activities. During the scramble to transform the CNCI into practical results, the Pentagon experienced its most substantial network breach to date, a lesson that informed the need to strengthen the future environment of United States cybersecurity.

Operation Buckshot Yankee 2008

In mid-November 2008, the U.S. Strategic Command suspended the use of all removable devices on its systems and networks to contain "Agent.btz", a virus that had been infecting non-governmental Windows systems for some months (Soesanto, 2019). According to internal DoD emails, service members were ordered to stop using USB storage until the devices had been properly scanned and established to be free from malware. The Agent.btz malware is believed to have struck U.S. Central Command, which oversaw U.S. involvement in Afghanistan and Iraq, very hard and to have penetrated highly protected classified networks. The incident forced senior leaders in the DoD to take the exceptional step of briefing the President on the widespread and severe electronic attack on the Department of Defense's computers that might have come from Russia, an incursion that caused unusual cyber concern and had possible negative implications for national security. William Lynn, the former Deputy Defense Secretary, explained that a foreign intelligence agency placed the malicious computer code on a flash drive, from which it uploaded itself onto the U.S. Central Command's network. The code spread undetected on unclassified and classified systems, establishing what amounted to a digital beachhead from which data could be moved to servers.

In 2011, NSA analysts established the existence of Agent.btz after the malware beaconed out on the network used by the State Department and DoD to transmit lower-classified material and on the Joint Worldwide Intelligence Communications System, which carries U.S. top-secret information throughout the world (Soesanto, 2019). To neutralize Agent.btz and safeguard the Department of Defense networks, the U.S. turned to the NSA's Advanced Network Operations (ANO) team, which dealt with all suspicious activity within U.S. government networks. The ANO team wrote an anti-virus program that recognized Agent.btz's beaconing signal and transmitted a response that put the malware to rest.

Comment by Jeff Kubiak: Citation.

The Obama Administration: Cyberspace Policy Review

In January 2009, the Obama administration ordered a 60-day review named "clean state" to evaluate the existing policies and structures of cybersecurity. The White House published the review's outcome four months later, rejecting the status quo. The country's intention was to demonstrate its seriousness about cybersecurity issues through vision and leadership. The cybersecurity policy built on the CNCI by recommending a strategy that brings like-minded countries together on various issues, including acceptable norms regarding sovereign responsibility, the use of force, and territorial jurisdiction (Napetvaridze & Chochia, 2019). It also recommended appointing a cybersecurity policy coordinator in the White House to elevate leadership on cybersecurity-related issues.

Comment by Jeff Kubiak: Nice point.

Stuxnet Deployment 

While the Cyberspace Policy Review was being discussed in public, the Obama government was tackling Iran's nuclear enrichment program in secret. In 2009, President Obama ordered the deployment of Stuxnet. Stuxnet, co-developed by Israeli Signal Intelligence Unit 8200 and the NSA, destroyed about 1000 Iranian centrifuges between 2009 and 2010 after Iran blocked all outbound traffic of its infected sites (Soesanto, 2019). According to Soesanto (2019), Stuxnet's strategic goal hovered somewhere between temporarily delaying Iran's nuclear enrichment program and forcing Tehran away from getting nuclear weapons.

Stuxnet put a big chunk of foremost theory into real practice. Technically, Stuxnet represents a first among various achievements in the history of malicious code because it was the first to compromise two digital certificates, exploit four 0-day vulnerabilities, and inject code from the operator. Politically, Stuxnet demonstrated that an offensive cyber operation can have a kinetic impact and that attacks against critical infrastructure can be undertaken during peacetime. The U.S. deployment of Stuxnet was aimed at ending the nuclear program in Iran in a clandestine, non-attributable manner. At that time, the Iranian government lacked the technical capabilities and necessary intelligence to retaliate in a tit-for-tat way against Israeli or U.S. infrastructure assets. The lesson learned is that better-coordinated services and a plan of support between the control systems community and the DHS are crucial to protecting U.S. critical infrastructure.

U.S. Cyber Command and DoD

Parallel to the White House realignment, the NSA and DoD consolidated their cybersecurity operations in the newly established U.S. Cyber Command (CYBERCOM), rather than replicating the capabilities of the NSA within Cyber Command and the four service elements, which was dismissed as an unnecessary and financially inadequate multiplication of similar capabilities. The Cyber Command setup followed the dual-hatted structure already existing at the JFCC-NW, which made the NSA's Director the head of Cyber Command.

Comment by Jeff Kubiak: Rework this sentence. Awkward.

The mission of CYBERCOM was described as directing the defense and operations of specified DoD information networks and, when directed, preparing to conduct full-spectrum military cyberspace operations to enhance actions in various domains, guarantee U.S. freedom of action in cyberspace, and deny such advantages to enemies. Despite its large staff and wide mission goals, CYBERCOM failed to become the agile giant it aimed to become. General Keith Alexander, then head of CYBERCOM and the NSA, explained that it was never his mission to defend the entire nation but only to ensure that Defense Department networks were protected (Soesanto, 2019).

Additionally, the JFCC-NW made various recommendations to use offensive tools and techniques for malware neutralization on non-military systems. After the recommendations, the JTF-GNO was put under the JFCC-NW to synchronize defense and better integrate cyber operations. Later in 2010, both the JFCC-NW and JTF-GNO were dissolved and incorporated into the new Cyber Command (Soesanto, 2019).

In 2011, the Defense Department unveiled the department's first Strategy for Cyberspace Operations in an attempt to integrate and mirror the White House cyber policies in the DoD's strategic approach to cyberspace. The DoD's Strategy for Cyberspace Operations discussed five strategic initiatives: treating cyberspace as an operational domain; employing new concepts of defense operations to protect DoD systems and networks; partnering with other organizations and the private sector to facilitate the whole-government cybersecurity strategy; building robust relationships with partners and U.S. allies to strengthen collective cybersecurity; and, finally, leveraging the country's ingenuity via an exceptional workforce.

The DoJ, State, and Treasury

In 2012, President Obama's administration emphasized deterrence-by-de-legitimization and deterrence-by-denial measures, as highlighted in the President's International Cyberspace Strategy. The measures were guided by the applicability of international law to the cyber domain and by a differentiation between legitimate state conduct in cyberspace, like espionage for non-commercial purposes, and illegitimate activities, stretching from critical infrastructure disruptions and destructive attacks to commercial espionage. Generally, the objective of deterrence-by-de-legitimization measures is to create a general principle of restraint, reining in the battlespace to encompass military combatants in compliance with the laws of armed conflict.

While the President's strategy was theoretically sound, it did not deter foreign adversaries from continuously hitting U.S. assets. Between 2012 and 2013, Iranian Revolutionary Guard Corps members attacked some major financial institutions in the U.S., including Wells Fargo, JPMorgan Chase, and American Express (Soesanto, 2019). According to Loretta Lynch, the then Attorney General, these attacks were systematic, relentless, and widespread. The attackers threatened the U.S. economy and limited the country's ability to compete fairly in the marketplace. In August 2013, the group accessed the supervisory control and data acquisition system for the Bowman Avenue Dam in Rye Brook, New York City. Fortunately, the dam's sluice gate had been manually disconnected for maintenance during the period of the intrusion. In September of the same year, a group acting directly for the Iranian government hacked into the system of the Navy-Marine Corps; however, no classified information was affected. Purging the hackers from the network took the Navy four months.

In February 2014, hackers from Iran penetrated the systems of Sands Hotel and Casino and wiped out 75% of the organization's servers (Soesanto, 2019). The event marked the first time that a foreign adversary performed a destructive cyberattack against an American firm. In November of the same year, a group of hackers from North Korea breached the computer systems of Sony Pictures Entertainment. The hackers stole confidential information from the Hollywood studio and shared it online, exposing personal information to cyber bullies and to journalists who might report details about recent films, thereby affecting income generation once the films were released. Two years later, the North Korean playbook would be used by Russian military intelligence, which hacked the Democratic National Convention's internal emails to influence the U.S. presidential election in 2016.

In April 2015, the U.S. Office of Personnel Management established that its network had been breached and that hackers had exfiltrated personal data for about 21.5 million current, former, and prospective government workers, as well as that of their relatives and spouses. The stolen information also included 5.6 million fingerprints and other biometrics that, unlike social security numbers and passwords, cannot be changed (Soesanto, 2019). During this time, the Department of the Treasury made its entry onto the cyber stage after President Obama signed Executive Order 13694. The order gave the Treasury Secretary authority to block the property of particular people engaging in substantial malicious cyber-related actions. Before the order, the government justified its imposition of economic sanctions merely by citing the hostile cyber behavior it had observed and monitored. For instance, in January 2015, the President signed Executive Order 13687 to impose more sanctions on North Korea, which mentions coercive, destructive cyber-related activities. Although EO 13687 was not directed specifically at North Korean cyber actors, EO 13694 changed the dynamic. From 2015 to 2017, the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) imposed sanctions on five companies and six people from Russia. In 2018, CYBERCOM was officially elevated to engage directly with its international partner equivalents and to involve liaison officers with crucial foreign partners to widen interoperability and collaboration (Soesanto, 2019).

Defending Forward & Persistent Engagement

On 18th September 2018, the Department of Defense (DoD) published its new Cyber Strategy. The DoD elaborated on the CYBERCOM vision that the department aims to preempt, deter, and defeat malicious cyber actions that target US critical infrastructure in order to limit the country's warfighting capability and readiness (Soesanto, 2019). The primary role of the DoD changed from domestically supporting the Department of Homeland Security to a persistent posture of defending forward. This persistent posture involved working with US foreign allies, the private sector, and other partners to contest cyber action. Shortly afterwards, the White House made public the President's National Cyber Strategy, which mainly reflected the UN GGE's failures and shifted the government's concentration to deterring cyberspace adversaries. The strategy adopted the philosophy of using strength to preserve peace. It highlighted the US's need to punish irresponsible behavior that affects the US and its allies. It envisioned a cyber deterrence intervention in which the US would work with like-minded nations to support and coordinate responses to malicious cyber threats, including through buttressing attribution claims, sharing intelligence, giving public statements in support of response activities, and jointly imposing consequences on actors.

Before long, the Cyber Command implemented its vision. With a view to protecting the US mid-term elections in 2018, the command deployed cyber defense teams in Northern Macedonia, Montenegro, and Ukraine. This was the first time the US had deployed its cyber warriors to foreign countries to secure networks outside the Department of Defense's information systems and networks.

The Trump administration: elevation of US Cyber Command

In January 2019, when President Trump assumed office, his administration experienced significant public pressure to deal with Russia. The government was careful to ensure strong network systems to prevent cyber disruptions during important national processes like the election. The administration was passionate about establishing more advanced cybersecurity policies to fight the multi-led cybersecurity issues.

Comment by Jeff Kubiak: Evidence? Citation?

In August 2019, the Department of Defense initiated the elevation of US Cyber Command to become the country's 10th Unified Combatant Command. A few months later, President Trump approved the new Unified Command Plan, which turned CYBERCOM into a Joint Force Provider with the responsibility to plan and execute global cyberspace operations (Desai & Kewalramani, 2022). This meant that CYBERCOM acquired more authority to balance risk across the Joint Force by concentrating cyber capacity in the areas where it is needed most, allowing for better deterrence of and response to cyber threats.

In May 2021, President Biden signed the cybersecurity executive order, which outlined various cyber strategies, including the federal zero trust strategy, enhancing the cybersecurity of National Security Systems, and a cyber security review board. Today, the Department of Defense undertakes cybersecurity operations to obtain intelligence and prepare cyber capabilities to be used in conflicts or crises (Soesanto, 2019). The DoD defends forward to halt or disrupt malicious cyber incidents at their source, including those below the level of armed conflict. Additionally, technologies like artificial intelligence, blockchain, the internet of things, and application security are being used to enhance the security of networks and systems.

Subordinate Strategies' Comparison

The subordinate cybersecurity strategies supporting the US national strategies share some similarities while also differing from one another. Most subordinate strategies work to support national cybersecurity by keeping cyberspace safe and increasing the US military advantage. The strategies have developed over time to deter, defend against, and respond to cyber threats both domestically and internationally. They keep changing to accommodate new technological advancements, which bring new cyber threats, and so deter such threats better. Most of the subordinate strategies have translated into national policies. The table below compares the strategies, by objective, in terms of their similarities and differences.

Comment by Jeff Kubiak: You'll need to provide a list of the documents from which you drew to make the chart below.

| Objective | Similarities | Differences |
|---|---|---|
| Reinforcing public-private co-operation | All the subordinate strategies recognize that cybercrime policies should be grounded on inclusive private-public partnerships, which include civil society, business, academia, and the internet technical community. | The methods and modalities of such cooperation and consultation and the extent of detail offered in the strategies differ. |
| Respect for fundamental values | All the subordinate cyber security strategies strongly emphasise respecting fundamental values like freedom of speech, privacy, and free information flow. Various subordinate strategies explicitly mention the importance of maintaining internet openness, and no strategy recommends internet modification to improve cybersecurity. | Internet openness is generally described in some strategies as a key requirement for further internet economic development. |
| Improving international co-operation | Most strategies express international cooperation and forming better partnerships and alliances with like-minded allies, including enhancing capacity building of third-world countries, as the key goal of the strategies. | Different strategies give little or varying detail on the approach to achieve improved international cooperation. |

Budgetary Strategies

The U.S. government has allocated $2.5 billion to the Cybersecurity and Infrastructure Security Agency under the Department of Homeland Security (Borghard et al., 2022). This is about $500 million above the budget allocated in the previous year. The funding enhances federal infrastructure protection and the delivery of services against complex cyber threats, including bolstering support capabilities like improved analytics and cloud business applications, improving capabilities of the U.S. rescue plan, and stakeholder engagement. Due to increasing threats from Russia, the U.S. has proposed a budget increase of $197 million in 2023 to strengthen the security systems of sensitive agencies (Borghard et al., 2022). Organizations targeted for budgetary increases to enhance cybersecurity include the Federal Aviation Administration, the Coast Guard, the Treasury Department, the Department of Veterans Affairs, and the Department of Justice. The U.S. government plans to support Ukraine with $682 million to counter Russia by enhancing cybersecurity, civil society resilience, and counter-disinformation efforts.

Connecting the Past to the Present

Comment by Jeff Kubiak: This section will need to be made more robust. A quick summary of the evolution of cybersecurity strategy from being focused on terror group finance and cybercrime to deterrence, international cooperation etc. You told a very good story above. Need a quick summary and "so what" here.

Since 2000, the US cybersecurity strategy has evolved with great consistency in deterring, defending against, and responding to cyber incidents (Lupovici, 2022). In the past, cyber strategies aimed at strengthening and encouraging private and public organizations to protect their systems from cyber-attacks. They dealt entirely with domestic cyberspace, but with time they evolved to the extent that they are now applied in foreign countries to guarantee international cyberspace safety and security. All the strategies were tested for efficiency, and policies were developed to support their implementation. The cybersecurity strategies throughout history have all focused on keeping cyberspace safe and secure for all Americans. The strategies have a strong foundation in cyber research and attract considerable budgetary investments. They are subject to continuous improvement and supported by other subordinate strategies. The first cyber strategy evolution was mainly inspired by threats from China, Iran, North Korea, and Russia and by the need to help U.S. allies deter, defend against, or respond to threats targeting their critical infrastructure.

Recommendations on Future Cyber Strategies

Comment by Jeff Kubiak: I'm not convinced this section is necessary. You don't really explore problems in detail sufficient to suggest fixes. And it is not necessary. Your goal was to narrate the story of US strategy in the cyber domain. You've done that.

The government should spearhead national efforts towards ensuring resilience and defense against cyber threat actors that target the private sector, U.S. critical infrastructure, and the American people. The Cybersecurity and Infrastructure Security Agency (CISA) should lean the country's cyber defense strategy towards proactive risk reduction and collaboration. Working with other partners will assist the U.S. in mitigating cyber risks and preventing cybersecurity incidents before they occur (Blakely et al., 2022). Secondly, the cyber strategy should focus on reducing risks and strengthening the resilience of U.S. critical infrastructure. The country's security and safety rely on the critical infrastructure's ability to prepare for and adapt to the changing cyber environment and to withstand and rapidly recover from possible disruptions. CISA needs to better coordinate national efforts to protect and secure the nation against attacks on critical infrastructure. This national effort should be centered around establishing which assets and systems are important to the country and understanding how vulnerable the nation is.

Relevant authorities should focus on strengthening whole-of-nation active collaboration and information sharing. The US cybersecurity agencies should continue their collaboration and partnership with other like-minded nations to enhance US cyber capability. Securing the country's physical and cyber infrastructure needs to be a shared responsibility. It is important to challenge the traditional approach of doing things and actively work with academic, government, industry, and international partners to move towards more action-oriented collaboration and forward learning. Agencies should integrate capabilities, functions, and workforce to better deal with cybersecurity threats (Blakely et al., 2022). CISA should strive to build a culture of excellence grounded on core values and principles that value collaboration and teamwork, empowerment and ownership, innovation and inclusion, and trust and transparency. Responsible bodies should invest in research to identify strategies that encourage working smart and cost-effectively. It is worth noting that better-coordinated services and a plan of support between the control systems community and the DHS are crucial to protecting U.S. critical infrastructure.

Conclusion

The U.S. cyber strategy follows a clear trajectory. The strategy is riddled with research and experimentation, is incident driven, and has uncertain stories of success. Since 2000, U.S. government agencies and businesses have been hammered by cybercriminals from across the world. The DoD and other agencies have done a lot to secure the nation by developing various strategies, some of which succeeded while others failed. Some strategies appeared effective theoretically but gave different outcomes practically. The U.S. cyber strategy has evolved over the years to improve its efficiency in addressing emerging cyber threats. The evolution is highly linked with the transition of administrations. The cyber security strategies throughout history have all focused on keeping cyberspace safe and secure for all Americans, have a strong foundation in cyber research, and attract considerable budgetary investments. The government should spearhead national efforts towards ensuring resilience and defense against cyber threat actors that target the private sector, the U.S. critical infrastructure, and the American people. Going into the future, the U.S. should develop more strategic and tactical strategies to deter and effectively respond to cyber threats.

References

Aljohani, T. M. (2022). Cyberattacks on Energy Infrastructures: Modern War Weapons. arXiv preprint arXiv:2208.14225.

Blakely, B., Kurtenbach, J., & Nowak, L. (2022). Exploring the information content of cyber breach reports and the relationship to internal controls. International Journal of Accounting Information Systems, 46, 100568.

Borghard, E., Lonergan, S., & Schneider, J. (2022). Reviewing US Cyber Posture: An Analysis. Available at SSRN 4077962.

Botelho, J., Proença, L., Leira, Y., Chambrone, L., Mendes, J. J., & Machado, V. (2021). Economic Burden of Periodontal Disease in Europe and the United States of America–An updated forecast. medRxiv.

Desai, S., & Kewalramani, M. (2022). Xi’s Military Reforms and its Efficacy in Furthering China’s National Security Objectives. India Quarterly, 78(3), 429-457.

White House, W. (2002). The National Security Strategy of the United States of America, September 2002. Online: https://www.hsdl.org. Comment by Jeff Kubiak: List as White House as if that was the last name of the author.

LaFree, G. (2022). In the shadow of 9/11: How the study of political extremism has reshaped criminology. Criminology, 60(1), 5-26.

Lupovici, A. (2022). Ontological security, cyber technology, and states’ responses. European Journal of International Relations, 13540661221130958.

Mostafa, M., & Faragallah, O. S. (2019). Development of serious games for teaching information security courses. IEEE Access, 7, 169293-169305.

Napetvaridze, V., & Chochia, A. (2019). Cybersecurity in the Making–Policy and Law: a Case Study of Georgia. International & Comparative Law Review/Mezinárodní a Srovnávací Právní Revue, 19(2).

Soesanto, S. (2019). The Evolution of US Defense Strategy in Cyberspace (1988–2019). ETH Zurich.

Yu, K., Guo, Z., Shen, Y., Wang, W., Lin, J. C. W., & Sato, T. (2021). Secure artificial intelligence of things for implicit group recommendations. IEEE Internet of Things Journal, 9(4), 2698-2707.