HealthcareCISO

The global commons are under assault in cyberspace. Ransomware attacks, including North Korea’s WannaCry and Russia’s NotPetya, have disrupted vital medical services and global transportation systems, costing billions of dollars. Iran and China have engaged in similar actions.
These cyberattacks are carried out by states and nonstate actors that seek to undermine global connectivity for their own interests. But like a pandemic, these attacks affect all of society. The world needs a new approach to combating how nations use cyberspace to advance their interests at the expense of people around the world.

The U.S. Cyberspace Solarium Commission was formed by Congress in 2018 to develop a strategic approach to defending the United States in cyberspace. It provided a road map for establishing cooperation and accountability in cyberspace. The commission consisted of four federal legislators, the deputies of the Department of Homeland Security, Department of Defense, office of the Director of National Intelligence and Department of Justice, and six private-sector experts. One of us, Benjamin Jensen, served as the commission’s senior research director.

The commissioners and staff conducted more than 400 interviews with cybersecurity professionals, researchers and officials in the private sector, academia and foreign governments. The commission’s final report, released in March, lays out a comprehensive plan of action based on a new strategy: layered cyber deterrence.

Layered cyber deterrence

The proposed strategy breaks new ground in two ways. First, it asserts that contrary to conventional wisdom, it is possible to deter cyberattacks. Second, the strategy calls for...