Comments

profileAjaybaby40
CapstoneFirstDraft_AmponsahKubiakComments.docx

1

Topic: The evolution of the US Cyber Strategy

Adjoa N. Amponsah

Arizona State University

Course Title: GSC 550: Capstone

Instructor: Prof. Kubiak

November 1, 2022

Cyber Strategy

The security and prosperity of the United States highly depend on how it responds to challenges and opportunities in cyberspace. National defense, critical infrastructure, and the daily lives of U.S. citizens rely on interconnected information technologies. New vulnerabilities and threats have always emerged throughout history, forcing the country to develop cyber strategies to address them (Aljohani, 2022). The U.S. cyber strategy has evolved over the years to improve its efficiency in addressing emerging cyber threats. For the last two decades, various interationsctions of National Strategy have treated cyber issues differently. The paper analyzes the strategic development of the US national approach to cybersecurity as highlighted in the National Security Strategy, budgetary allocation of the Department of Defense (DoD), cyber-related strategic development within the Department of Defense (DoD) since the year 2000, and also recommends future cyber strategies to help the country better address cyber threats and vulnerabilities.   

Evolution of Strategy Since the year 2000

Playing offense: JFCC-NW & NSA

After the attack on September 11, 2001, the Bush administration developed various legislations and published numerous documents that shaped U.S. cybercrime policies (LaFree, 2022). Most notably, the Homeland Security Act, which in 2003 established the Homeland Security department; the Patriot Act, enacted right after the September 11 attacks expand the surveillance reach of the National Security Agency to fight both foreign and domestic terrorism; and the National strategy publication to secure cyberspace (House, 2002). The National Strategy publication on securing cyberspace required the security agencies to improve attribution capabilities, strengthen their efforts on counterintelligence, deconflict coordination of interagency, and pronounced the U.S. to reserve the right to respond in an appropriate manner to terrorist groups, state, and any adversarial cyberattacks. 

Although the policies changed the cyberspace posture in the U.S., it is unclear if the concerned agencies got the capacities or if it was just established as mere legal capacity without assembling the capabilities (Soesanto, 2019). For instance, the Government Accountability Office designated the DHS creation as high risk as the government transformed twenty-two agencies, the majority with management challenges, into a single department. Failing to effectively resolve the program and management challenges arising from such efforts could put the U.S. national security at high risk. Unsurprisingly, the NSA's role under the Bush administration negatively affected the Department of Defense. In 2003, the Department of Defense's offensive mission was moved to a Network Attack Support Staff from the JTF-CNO, which was under the control of STRATCOM but housed at the headquarters of the NSA in Fort Meade, Maryland. By January 2005, the support staff consolidated into JFCC-NW (Joint Functional Component Command – Network Warfare) and was commanded by the NSA Director (LaFree, 2022). Therefore, while on the defensive end of the DoD, the DISA Director acted as a dual JTF-GNO, the NSA director operated on the offensive end of the DoD as the JFCC-NW dual head.  Comment by Jeff Kubiak: How so? From what to what? Comment by Jeff Kubiak: Spell this out - Joint Task Force - ???? Comment by Jeff Kubiak: What is the purpose of this paragraph? State it clearly. The US government shift in cyber organization came as a result of what?

While on the paper, the U.S. Department of Defense's cyber strategy looked clearly organized and well split, its operational results generated a history of mixed outcomes. In contrast, tThe Joint Task Force-Computer Network Operations (JTF-CNO) did well against various worms and viruses that hammered worldwide networks in the early 2000s (Soesanto, 2019). However, in 2003, there was a series of well-coordinated computer intrusions into the unclassified systems of the Army Space and Strategic Defense Command, DISA, the State Department, various DoD contractors, and another government system, which went for various months undetected. After investigations by Shawn Carpenter, a network security analyst, these attackers were later traced back to Chinesea routers located in Guangdong.  Comment by Jeff Kubiak: Good topic sentence.

The 2003 data breaches were highly generally considered the first incident of Chinese-sponsored cyber-espionage against the United States government. However, some publishments believe that a Byzantine Candor, a group of people, could have been the very first Chinese-state-associated actors to undertake computer network exploitation against the US government. The group was based in Shanghai and has targeted (US?) government-owned agencies since 2002. Some of the targeted systems included that of the State Department, the Department of Energy, and commercial networks and systems. The JFCC-NW, on the offensive end, was confronting its existential problems when, in May 2004, videos demonstrating the execution of Nicholas Berg, an American freelance journalist, popped up on Jihadi websites. It would take about fifteen years for the Department of Defense to achieve the legal authorities required to DDoS commercial servers. Comment by Jeff Kubiak: Word choice. Scholars? Publications? Need a citation, probably. Comment by Jeff Kubiak: These two ideas come across as somewhat unrelated: the Chinese attack and the inability to take down the servers of AQ-I. How are they connected? Give the reader the "so what" at the end of the paragraph.

In 2006, the DoD published the National Military Strategy for Cyber Operations (NMS-CO), its first cyber strategy, which demonstrated the intent of the Pentagon to attain military strategic cybersecurity superiority to deal better with cyber security threats and advance U.S. cyber interests. The strategy aimed at deterring malicious adversary’s cyberspace use while enhancing confidence, freedom of action, and trust in U.S. cyber operations. The U.S. sought to influence their adversariesy's decision-making processes through deterrence by imposing economic, political, or military costs. The U.S. needed this cyberspace superiority to defend and shape cyberspace, tag, locate and track terrorists in various domains such as cyberspace, and effectively respond to attacks on the U.S. critical infrastructure. All these advantages were achieved through the kinetic missions conducted by the DoD to preserve strategic advantage and freedom of action in cyberspace. For instance, a U.S drone strike in 2015 took out Junaid Hussain, an ISIS hacker, at a petrol station in Syria, marking the first publicly known incident of an enemy cyber actor being targeted while on the kinetic battlefield.    Comment by Jeff Kubiak: Inserting a quotation from the strategy here to make this point stronger would be good. Comment by Jeff Kubiak: Citation.

Estonia 2007

In May 2007, the Department of Defense discovered it was missing a substantial piece puzzle of the cyber defense puzzle. While Estonia, the a US-NATO ally, was pummeled for twenty-two days straight with a politically motivated DDoS attack for transferring a Soviet-time era monument to Tallinn's outskirts from its center. The Europeans believed that the attacks were the start of cybermageddon and there was evidence of the hybrid warfare doctrine of Russia. The Estonia incident demonstrated the stark contrast between the technical people and those responsible for articulating national security policies (Mostafa & Faragallah, 2019). Shortly, the cybermageddon collapsed, and the Estonian officials admitted that, without technical evidence, linking Russia with the DDoS attack was shaky. During this time, NATO had not acknowledged cyberspace as a critical military operation domain. Comment by Jeff Kubiak: How so? You need to expand on this idea to make it work. It sounds pretty important.

The Comprehensive National Cybersecurity Initiative, 2008

In 2008, the U.S. developed the Comprehensive National Cybersecurity Initiative. President Bush, in January 2008, signed the National Security Presidential Directive 54 (NSPD-54) and HSPD-23 (Homeland Security Presidential Directive 23) to coordinate the government in a better way and enhance the U.S. capability in deterring, protecting, detecting, classifying, attributing, monitoring, interdiction and any other approach to protect access by unauthorized people into the U.S. National Security systems, private sector critical infrastructure systems and Federal systems (Yu et al., 2021). The Department of Homeland Security was assigned the duty to defend, protect and decrease vulnerabilities of the national systems through the leadership of the department's secretary (Soesanto, 2019). There were no changes in the Defense Secretary as his duties and responsibilities still covered defense and directing operations of the DoD's information system, giving warnings and indications to the Homeland security Department concerning threats coming from outside the U.S., and coordinating the State Secretary to work with international organizations and foreign nations on international cybersecurity aspects. Comment by Jeff Kubiak: This sounds like a dramatic increase in the scope of what the government thought it needed to do in cyberspace. Was it?

The Comprehensive National Cybersecurity Initiative established various cyber-related programs that mainly focused on three major objectives: creating a front-line defense against immediate threats by establishing or improving shared situational awareness of threats, network vulnerabilities, and events within the national government (Botelho et al., 2021). Secondly, the U.S. counterintelligence capabilities were enhanced against the full spectrum of threats by improving supply chain security for crucial information technologies. The third strategy is strengthening the cybersecurity future environment by establishing and developing strategies for deterring malicious or hostile cyberspace activities. The Pentagon experienced its most substantial breach of their network to date, with the scramble to transform the CNCI into practical results.  Comment by Jeff Kubiak: OH, need more detail here. This sounds interesting and important but there are insufficient details here. Did the breach cause the CNCI to come into being, or did the breach happen before the CNCI could be prepared? Detail about the breach and its relationship to the CNCI need to be made more clearly.

Operation Buckshot Yankee 2008

In mid-November 2008, in mid-November, the U.S. Strategic Command suspended the utilization of all removable devices from its systems and networks to contain "Agent.btz", a virus that had infected non-governmental systems of wWindows for some months (Soesanto, 2019). As per the internal emails in the DoD, members of services were ordered to stop using USB storage until the devices were well scanned and established to be free from malware. Agent.btz malware is believed to have struck the U.S. Central command very hard, which oversaw the U.S. involvement in Afghanistan and Iraq and penetrated classified networks that are highly protected. This incident forced senior leaders in the DoD to go for exceptional action of the President about the widespread and severe electronic attack on the Department of Defense's computers that might have come from Russia, an incursion that caused unusual cyber concern and created possible negative implications for national security. According to Willian Lynn, the former Deputy Defense Secretary, explained that the foreign intelligence agency placed the malicious computer code in a flash drive and uploaded itself into the U.S. Central Command's network. The code spread undetected onto unclassified and classified systems to determine what amounted to digital breaches from the data that could be moved to servers. 

In 2011, NSA analysts established the existence of Agent.btz, after the malware beaconed out on the network used by the state and DoD in transmitting lowly classified material communication systems of the Joint World Wide Intelligence, which carries the U.S. top-secret information throughout the world (Soesanto, 2019). To neutralize the virus "Agent.btz" and safeguard the Department of Defense’s networks, the U.S. turned into the NSA's Advanced Network Operations (ANO) team, which dealt with all suspicious activity within the U.S. government networks. The Advanced Network Operations (ANO) wrote an anti-virus program that recognized the Agent.btz's becoming signal and transmitted a response, subjecting the malware to rest. 

Additionally, the JFCC-NW suggested various recommendations to utilize offensive tools and techniques for malware neutralization on non-military systems. After the operation, the JTF-GNO was put under the JFCC-NW to synchronize defense and better integrate cyber operations. Later in 2010, both the JFCC-NW and JTF-GNO were incorporated into a new Cyber Command after the JFCC-NW and JTF-GNO's dissolution (Soesanto, 2019).   Comment by Jeff Kubiak: I don't know what this all means. Which operation…? I'm a little lost at this point. Comment by Jeff Kubiak: Maybe cover this point when you get to your discussion of CyberCom

The Obama Administration: Cyberspace Policy Review

Obama administration ordered a 60-day review named "clean state" in January 2009 to evaluate existing policies and structures of cybersecurity. The wWhite hHouse published the review's outcome four months later, disallowing the status quo. The country's intention to demonstrate its seriousness with issues of cyber security became serious through vision and leadership. The cybersecurity policy is built on the CNCI by recommending a strategy that brings together like-minded countries together on various issues, including acceptable norms towards sovereign responsibility, use of force, and territorial jurisdiction (Napetvaridze & Chochia, 2019). There was a recommendation for the appointment of the cyber security policy coordinator in the White hHouse to elevate cybersecurity-related issues leadership. As the discussion for the cybersecurity policy review was happening, President Obama tracked the nuclear enrichment of Iran in secrecy. Comment by Jeff Kubiak: Hmm, is this a transition to the next section? It confuses more than helps. Delete.

Stuxnet Deployment 

While the Cyberspace Policy Review's discussions were going on among members of the public, the Obama government tackled in secret the nuclear enrichment program of Iran. In 2009, President Obama ordered the Stuxnet deployment. Stuxnet, co-developed by the Israeli Signal Intelligence Unit 8200 and NSA, destroyed about 1,000 Iranian centrifuges between 2009 and 2010 after Iran blocked all outbound traffic of its infected sites. According to Soesanto (2019), Stuxnet's strategic goal hovered somewhere between temporarily delaying the program of Iran's nuclear enrichment and forcing Tehran away from getting nuclear weapons.     Comment by Jeff Kubiak: citation

Stuxnet put a big chunk of foremost theory into real practice. Technically, Stuxnet represents the first among various achievements in the history of malicious code because it was the first to compromise two digital certificates, exploit four zero-day vulnerabilities, and inject code from the operator. Politically, Stuxnet demonstrated that an offensive cyber operation can develop a kinetic impact and that attacks against critical infrastructure can be undertaken during peacetime. The deployment of Stuxnet was aimed at ending the nuclear program in Iran in a clandestine non-attributional manner. The Iranian government lacked the technical capabilities and necessary intelligence to reverse in a tit-for-tat way against an Israel/U.S. infrastructural asset at that period. Lessons learned are that better-coordinated services and a plan of support between the control systems community and the DHS are crucial to protecting U.S. critical infrastructure. 

U.S. Cyber Command and DoD

           Parallel to the White House realignment, the NSA and DoD consolidated their operations on cybersecurity in a newly established CYBERCOM, the cyber command in the U.S., rather than replicating the capabilities of NSA within Cyber Command and four service elements-which were dismissed as unnecessary multiplication of similar capabilities and financially inadequate. The cyber command setup followed the dual logic structure already existing at the JFCC-NW, which made the NSA's Director the head of the Cyber Command. 

The mission of CYBERCOM was described as directing the defense and operations of specified DoD information networks and, when directed to prepare to conduct full-spectrum military operations of cyberspace to enhance actions in various domains, and guarantee the U.S. cyberspace's freedom of action, deny such advantages to enemies. Despite the big staff and its wide mission goals, CYBERCOM failed to become the agile giant it aimed to become. General Keith Alexander, the then head of CYBERCOM, and NSA, elaborated it was never his mission to defend the entire nation but only to ensure that the Department of Defense’s networks are protected (Soesanto, 2019).

In 2011, the Department of Defense unveiled the first department's Strategy for Cyberspace Operations in an attempt to integrate and mirror the White House cyber policies into the strategic approach of the DoD in cyberspace. The DoD's Strategy for Cyberspace Operations discussed five strategic initiatives, which include treating cyberspace as an operational domain, partnering with other organizations and the private sector to facilitate the whole-government cybersecurity strategy, and employing new concepts of defense operations to protect DoD systems and networks. Additionally, the DoD's Strategy for Cyberspace Operations aimed at building robust relationships with partners and U.S. allies to strengthen collective cybersecurity, and finally, the need to leverage the country's ingenuity via an exceptional workforce. 

The DoJ, State, and Treasury

In 2012, President Obama's administration emphasized deterrence by de-legitimization and deterrence-by-denial measures, as highlighted in the President's International Cyberspace Strategy. The international law applicability guided the measures to the cyber domain, and differentiation between illegitimate activities and legitimate cyberspace state conduct like espionage for non-commercial purposes, stretching from critical infrastructure disruptions, destructive attacks, and commercial espionage. Generally, the objective of deterrence by de-legitimization measures is creating a general restraint principle, raining the battlespace to encompass military combatants in compliance with the laws of armed conflict.

While the strategy of the President was theoretically sound, it did not deter foreign adversaries from hitting U.S. assets continuously. Between 2012 and 2013, Iranian Revolutionary Guard Corps members attacked some major financial institutions in the U.S., including Well Fargo, JPMorgan Chase, and American Express (Soesanto, 2019). As per Loretta Lynch, the then Attorney General, these attacks were systematic, relentless, and widespread. The attackers threatened the U.S. economy and limited the country's ability to compete fairly in the marketplace. In August 2013, the group accessed the data acquisition and supervisory control system for the Bowman Avenue Dam in Rye Brook, New York City. Fortunately, the dam's sluice gate was disconnected manually for maintenance during the period of intrusion. In September of the same year, a group acting directly for the Iranian government hacked into the system of the Navy-Marine Corps, although no classified information was affected. The exercise of purging the hackers from the network took the Navy four months. 

In February 2014, hackers from Iran penetrated Sands Hotel and Casino's systems and wiped out 75% of the organization's servers (Soesanto, 2019). The event marked the first incident a foreign adversary performed a destructive cyber security attack against an American firm. In November of the same year, another group of hackers from North Korea breached Sony Pictures entertainment's computer system. The hackers stole confidential information from the Hollywood studio and shared them online, exposing the personal information to cyber bullies and journalists who may report details about the recent films, therefore affecting income generation once the films were released. Two years later, the North Korean playbook would be utilized by the Russian military intelligence that hacked the Democratic National Convention's internal emails to influence the U.S. presidential election in 2016.

In April 2015, the U.S. personnel management office established that its network was breached, and hackers had exfiltrated personal data of about 21.5 million current, former and prospective government workers, as wells as that of their relatives and spouses. Additionally, the stolen information also involved 5.6 million fingerprints and other biometrics that could not be changed, unlike social security numbers and passwords (Soesanto, 2019). During this time, the Department of Treasury made its entry onto the cyber stage after the signing of Executive Order 13694 by President Obama. The order gave authority to the Treasury secretary to block the property of particular people engaging in substantial malicious cyber-related actions. Before the order, the government defended its imposition of economic sanctions merely by observing and monitoring hostile cyber behavior as a reason for justifying its actions. For instance, in January 2015, the President signed Executive Order 13687 to impose more sanctions on North Korea, which mentions coercive, destructive cyber-related activities. Although this EO 13687 was not directed specifically at North Korean cyber actors, the EO 13694 changed the dynamic. From 2015 to 2017, the U.S. Department of Treasury's Office of Foreign Assets Control (OFAC) imposed sanctions on five companies and six people from Russia. In 2018, CYBERCOM was elevated officially to engage with international partner equivalent directly and involve liaison offers to crucial foreign partners to widen interoperability and collaboration (Soesanto, 2019) 

Defending Forward & Persistent Engagement

On 18th September 2018, the Department of Defense (DoD) published its new Cyber Strategy. The DoD elaborated on the CYBERCOM vision that the department aims to preempt, deter, and defeat malicious cyber actions targeting the U.S. critical infrastructure to limit the country's warfighting capability and readiness (Soesanto, 2019). The primary role of the DoD changed from domestically supporting the Homeland Security Department to a persistent posture of defending forward. This persistent posture involved working with U.S. foreign allies, the private sector, and other partners to contest cyber action. Shortly, the White made public the President's National Cyber Strategy, which mainly reflected the UN GGE's failures and shifted the government's concentration on deterring cyberspace adversaries. The strategy adopted the philosophy of using strength to preserve peace. The strategy highlighted the U.S.'s need to punish irresponsible habits that affect the U.S. and its allies. It envisioned a cyber deterrence intervention where the U.S. would work with like-minded nations to support and coordinate response to malicious cyber threats, including through buttressing attribution claims, intelligence sharing, giving public statements to support response activities, and using the joint imposition of consequences against actors.  

Before long, the Cyber Command implemented its vision. In view of protecting the U.S. mid-term elections in 2018, the command deployed cyber defense teams in Northern Macedonia, Montenegro, and Ukraine. This was the initial time for the U.S. to deny its cyber warriors to foreign countries to secure networks outside the Department of Defense information systems and networks.

The Trump administration: elevation of the U.S. Cyber Command

In January 2019, when President Trump assumed office, his administration experienced significant public pressure to deal with Russia. The government was careful to ensure strong network systems to prevent it during important national processes like the election. This administration was so passionate about establishing more advanced cybersecurity policies to fight the multi-led cybersecurity issues.

In August 2019, the Department of Defense initiated the U.S. Cyber Command elevation to become the country's 10th Unified Combatant Command. A few months later, President Trump approved the new plan of Unified Command, which turned CYBERCOM into a Joint Force Provider with the responsibility to plan and execute operations of global cyberspace (Desai & Kewalramani, 2022). This translated to the fact that CYBERCOM acquired more authority to balance risk in the Joint Force by concentrating on the cyber capacity in the area where it is needed most to allow for better deterrence and response to cyber threats.

In May 2021, President Biden signed the cybersecurity executive order, which outlined various cyber strategies, including the federal zero trust strategy, enhancing National Security Systems' cybersecurity, and a cyber security review board. Today, the Department of Defense undertakes cyber security operations to obtain intelligence and prepare cyber abilities to be utilized in incidents of conflict or crises (Soesanto, 2019). The DoD defends forward to halt or disrupt malicious cyber incidents at its source, including those under the armed conflict. Additionally, cyber security technologies like artificial intelligence, blockchain, the internet of things, and application security are being used to enhance the security of networks and systems. 

Subordinate Strategies' Comparison Comment by Jeff Kubiak: List the documents you used to compile this chart; include dates of publication. It'll help you tell the story.

The subordinate cybersecurity strategies supporting the U.S. national strategies share some similarities as they are different at the same time. The table below contains some similarities and differences. Most subordinate strategies work to support national cyber security in keeping cyberspace safe and increasing the U.S. military advantage. The strategies have developed over time to deter, defend and respond to cyber threats both domestically and internationally. The strategies keep changing to accommodate the new technological advancement which comes with new cyber threats, therefore deterring such cyber threats better. Most of the subordinate strategies have translated into national policies. More comparisons in terms of objectives for different policies are outlined in the table below.

Objective

Similarities

Differences

Reinforcing public-private co-operation.

All the subordinate strategies recognize that cybercrime policies should be grounded on inclusive private-public partnerships, which include civil society, business, academia, and the internet technical community.

The methods and modalities of such cooperation and consultation and the extent of detail offered in the strategies differ.

Respect for fundamental values

All the subordinate cyber security strategies strongly emphasize respecting fundamental values like freedom of speech, privacy, and free information flow. Various subordinate strategies explicitly mention the importance of maintaining internet openness, and no strategy recommends internet modification to improve cybersecurity.

Internet openness is generally described in some strategies as a key requirement for further internet economic development.

Improving International co-operation

Most strategies express international cooperation and forming better partnerships and alliances with like-minded allies, including enhancing capacity building of third-world countries, as the key goal of the strategies.

Different strategies give little or varying detail on the approach to achieve improved international cooperation.

Budgetary Strategies

The U.S. government has allocated $2.5 billion to the Cybersecurity and Infrastructure Security Agency under the Department of Homeland Security which was established in November 2018 (Borghard et al., 2022). This is about $500 million above the budget allocated in the previous year. The funding enhances the federal infrastructure protection and delivery of services against complex cyber threats, including bolstering support capabilities like improved analytics and cloud business applications, improving capabilities of the U.S. rescue plan, and stakeholder engagement. Due to increasing threats from Russia, the U.S. has proposed a budget increase of $197 million in 2023 to strengthen the security systems of sensitive agencies (Borghard et al., 2022). Some targeted organizations for budgetary increases to enhance cyber security include the Federal Aviation Administration, the Coast Guard, the Treasury Department, the Department of Veterans Affairs, and the Department of Justice. The U.S. government plans to support Ukraine with $682 million to counter Russia by enhancing cybersecurity issues, civil society resilience, and counter disinformation. 

Connecting the Past to the Present

Throughout the evolution of history US cybersecurity strategy since 2000, cyber strategies have has evolved with great consistency in deterring, defending, and responding to cyber incidents (Lupovici, 2022). In the past, cyber strategies aimed at strengthening and encouraging private and public organizations to protect their systems from cyber-attacks. In the past, the strategies were entirely dealing with domestic cyberspace, but with time, they evolved to the extent that they are being applied in foreign countries to guarantee international cyberspace safety and security. All the strategies were tested for efficiency and policies to support strategy implementation. The cyber security strategies throughout history have all focused on keeping cyberspace safe and secure for all Americans. The strategies have a strong foundation in cyber research and attract considerable budgetary investments. They are subject to continuous improvements and supported by other subordinate strategies. The first cyber strategy evolution was mainly inspired by threats from China, Iran, North Korea, and Russia and the need to help U.S. allies deter, defend or respond to the threats targeting their critical infrastructure. 

Recommendations on Future Cyber Strategies

The government should spearhead national efforts towards ensuring the resilience and defense and offense of cyber threat actors that target the private sector, the U.S. critical infrastructure, and the American people in general. The Cybersecurity and Infrastructure Security Agency (CISA) should lean the country’s cyber defense strategy towards proactive risk reduction and collaboration. Working with other partners like the private sector will assist the U.S. in mitigating cyber risks and preventing cyber security incidents before they occur (Blakely et al., 2022). Secondly, the cyber strategy should focus on reducing risks and strengthening the resilience of U.S. critical infrastructure. The country’s security and safety rely on their critical infrastructure’s ability to prepare and adapt to the changing cyber environment to withstand and rapidly recover from the possible disruptions caused. CISA needs to coordinate a better national effort to protect and secure the nation against the attack on critical infrastructure. This national effort should be centered around establishing which assets and systems are important or critical to the country and understanding how vulnerable the nation is.  

Relevant authorities should focus on the strengthening of the whole nation in an active collaboration and the sharing of information. The US cybersecurity agencies should continue collaboration and partnership with other like-minded nations to enhance its cyber capability. Securing the country’s physical and cyber infrastructure need to be a shared responsibility. It is important to challenge the traditional approach of doing things and actively work with academic, government, industry, and international partners to move towards a more action-oriented collaboration and forward learning. Agencies should integrate capabilities, functions, and workforce to better deal with cyber security threats (Blakely et al., 2022). CISA should strive and build a culture of excellence which is grounded on core values and principles that value collaboration and teamwork, empowerment and ownership, innovation and inclusion, and trust and transparency. Responsible bodies should invest in research to identify strategies that encourage working smart and cost-effectively. It is good to note that better-coordinated services and plan of support between the control systems community and the DHS are crucial to protecting U.S. critical infrastructure.

Conclusion

The U.S. cyber strategy follows a clear trajectory. The strategy is riddled with research and experimentation, incident driven, and with uncertain stories of success. Since 2000, U.S. government agencies and businesses have been hammered by cybercriminals from across the world. The DoD and other agencies have done a lot to secure the nation by developing various strategies, where some succeeded as others failed. Some strategies appeared effective theoretically but gave different outcomes practically. The U.S. cyber strategy has evolved over the years to improve its efficiency in addressing emerging cyber threats. The evolution is highly linked with the transition of administrations. The cyber security strategies throughout history have all focused on keeping cyberspace safe and secure for all Americans, have a strong foundation in cyber research, and attract considerable budgetary investments. The government should spearhead national efforts towards ensuring the resilience and defense of cyber threat actors that target the private sector, the U.S. critical infrastructure, and the American people. Going into the future, the U.S. should develop more strategic and tactical strategies to deter and effectively respond to growing and evolving cyber threats.  Comment by Jeff Kubiak: Really nice statement here.

References

Aljohani, T. M. (2022). Cyberattacks on Energy Infrastructures: Modern War Weapons.  arXiv preprint arXiv:2208.14225.

Blakely, B., Kurtenbach, J., & Nowak, L. (2022). Exploring the information content of cyber breach reports and the relationship to internal controls.  International Journal of Accounting Information Systems46, 100568.

Borghard, E., Lonergan, S., & Schneider, J. (2022). Reviewing U.S. Cyber Posture: An Analysis.  Available at SSRN 4077962.

Botelho, J., Proença, L., Leira, Y., Chambrone, L., Mendes, J. J., & Machado, V. (2021). Economic Burden of Periodontal Disease in Europe and the United States of America–An updated forecast.  medRxiv.

Desai, S., & Kewalramani, M. (2022). Xi’s Military Reforms and its Efficacy in Furthering China’s National Security Objectives.  India Quarterly78(3), 429-457.

House, W. (2002). The National Security Strategy of the United States of America, setiembre de 2002.  línea: https://www. hsdl. org.

LaFree, G. (2022). In the shadow of 9/11: How the study of political extremism has reshaped criminology.  Criminology60(1), 5-26.

Lupovici, A. (2022). Ontological security, cyber technology, and states’ responses.  European Journal of International Relations, 13540661221130958.

Mostafa, M., & Faragallah, O. S. (2019). Development of serious games for teaching information security courses.  IEEE Access7, 169293-169305.

Napetvaridze, V., & Chochia, A. (2019). Cybersecurity in the Making–Policy and Law: a Case Study of Georgia.  International & Comparative Law Review/Mezinárodní a Srovnávací Právní Revue, 19(2).

Soesanto, S. (2019).  The Evolution of U.S. Defense Strategy in Cyberspace (1988–2019). ETH Zurich.

Yu, K., Guo, Z., Shen, Y., Wang, W., Lin, J. C. W., & Sato, T. (2021). Secure artificial intelligence of things for implicit group recommendations.  IEEE Internet of Things Journal9(4), 2698-2707.