Cyber is a tool, and sometimes a weapon. Whether used for commercial gain or for attacks on critical infrastructure, actions taken in cyberspace affect you directly. This means that even the most mundane realities of everyday life are vulnerable to hackers.
In our live May 18 event, "Beyond SolarWinds: Securing Cyberspace," we asked our speakers what we can do to safeguard cyberspace from future attacks.
Ian Bremmer, president of Eurasia Group and GZERO Media, (above) explains "there are three different levels of cooperation we desperately need to reduce a threat that right now is growing exponentially for our national securities at home." At one level, there needs to be greater coordination between the private and public sectors in the US. It needs to be "much deeper, much more structural, much more efficient" than what we currently have, says Bremmer.
This step requires us to acknowledge that cybersecurity is no longer different from physical security. Technology runs every aspect of our lives now, including our physical infrastructure as the Colonial Pipeline hack so evidently proved. So, with increasing cyberattacks on critical infrastructure, cyber defense needs to become more sophisticated. This requires the tech sector to continue to develop stronger security protection while the public and private sectors simultaneously implement cybersecurity practices across the board, says Brad Smith, president of Microsoft.
Jane Harman, President Emerita of the Wilson Center and former ranking Democrat on the House Intelligence Committee, notes that "the markers have been here for years about the impact of cyber" on US infrastructure. The SolarWinds and Colonial Pipeline hacks are just incidents in a series of cyberattacks that further emphasize how sophisticated hackers are, and how unprepared the US has become.
Harman added that the US specifically bungled its response to the SolarWinds hack because a private firm found out first. That's why Biden's executive order mandating private firms in business with the US government to immediately report such cyberattacks is a good first step, but it needs to be more robust. The private sector as a whole needs to coordinate better with the US government. Executive orders are "not enough" to tackle one of the United States' most difficult problems.
Greater coordination between the US and its transatlantic allies is the second level of cooperation we need to reduce the cybersecurity threat. But mistrust, which is both deep and structural, is standing in the way.
"Trust is the currency of diplomacy", according to Wolfgang Ischinger, chairman of the Munich Security Conference. In its absence, the US and its allies have a serious obstacle standing in their way when it comes to issues like global cybersecurity cooperation. "Europeans across the board, don't even trust their own governments" or companies let alone the US government and American companies, says Ischinger. "But the really worrisome thing is that [Europeans] mistrust Americans almost as much, … as they mistrust the Chinese."
That is why rebuilding trust across the Atlantic is an important part of the way forward for cybersecurity, says Smith. It may be hard for people, including the United States government, to fully understand the impact the current lack of trust has on cybersecurity. But there needs to be greater transparency between countries that intend to work together to combat growing waves of distrust. Transparency "is central to everything else we need to do together to address the cybersecurity threats we're seeing around the world," says Smith.
Lastly, we must seek a broader level of global coordination and trust, says Bremmer. "While we all recognize we need that, we are right now heading in the opposite direction."
However, there is some hope on the horizon as we are becoming more away of this crisis. "It is moving up in the league of tables in terms of major policymakers around the world understanding that this is a real threat" we need to address. This leads Bremmer to feel fairly confident in the resources that will be devoted to global cybersecurity cooperation over the next five years.
"Beyond SolarWinds: Securing Cyberspace," a Global Stage live conversation on cyber challenges facing governments, companies, and citizens, was recorded on May 18, 2021. It's presented by GZERO Media and Microsoft, and held in collaboration with the Munich Security Conference as part of their "Road to Munich" series.