Skip to content

July 20, 2020

King Testifies in Congressional Homeland Security Hearing, Stresses Cybersecurity Protections

Defending Solarium conclusions, Senator King says “The unthinkable can happen, but we can be prepared, we can prevent it, and we can protect this country.”

WASHINGTON, DC – The Office of U.S. Senator Angus King (I-Maine) announced that Senator King – joined by Cyberspace Solarium Commission (CSC) Co-chair Representative Mike Gallagher (R-Wis.) and Commissioners Suzanne Spaulding and Samantha Ravich – testified before the House of Representatives Committee on Homeland Security and presented the CSC’s recommendations to establish a comprehensive, forward-looking cybersecurity strategy for the United States. The final report, issued on March 11, lays out more than 80 recommendations to improve the security of U.S. critical infrastructure and provides a strategic approach of layered cyber deterrence to defend the United States against cyberattacks of significant consequences. The Cyberspace Solarium Commission’s final report can be read in full HERE.

“In the last 6 months, we learned that the unthinkable can happen,” began Senator King in his opening statement (beginning at 00:42). “And in the last 48 hours, we’ve learned that cyber is an ever present threat…the attack on Twitter, which was a commercial one, but also the apparent attack by the Russians on the security of our pursuit of a [coronavirus] vaccine is just a reminder that this is not an academic question but it’s something that is really at the front and center of threats that this country is facing.”

Senator King continued: “[the Commission] really tried to approach this [issue] with fresh eyes to look at really two basic questions. What should our strategy be? What should our organizational structure be to protect, to prepare, and to prevent cyberattacks? As you can imagine, there are 82 recommendations in the report, 54 of which have been converted into legislative recommendations and presented to the various committees in both the house and senate in the form of fully drafted legislative proposals. What we’re talking about is called layered cyber deterrence. And that means resilience so that our adversaries feel that there’s not much to be gained by attacking us because of our security and our protection of our systems. But also a declaratory policy that if attacked we will respond…the unthinkable can happen, but we can be prepared, we can prevent it, and we can protect this country”

+++

During his testimony, Senator King provided a comprehensive overview of the CSC’s work and relevance to current cybersecurity issues as they relate to the coronavirus pandemic.

On recent reports of Russian hacking for coronavirus vaccine information:

“What the Russians appear to be doing – I think there are a couple of lessons to be learned from this: number one, there are no boundaries as to what our adversaries are willing to do. Number 2, the Russians are doing something that the Chinese had been in fact doing for many years, which is essentially theft of intellectual property. The estimates are that Chinese theft of intellectual property has cost the U.S. economy billions of dollars. So clearly, this is one of the most important areas that the U.S. must sure up our defenses. We attended to this in a number of different ways in the report but one of the fundamental issues – as I mentioned in my opening statement – [our adversaries] have to understand that there’s a price to be paid for this.  If the Russians or the Chinese or the Iranians or whomever it is come after us and does something like this and we can attribute it to a particular country, there needs to be consequences, there needs to be results – otherwise they’ll keep doing it. Why wouldn’t they?(Beginning at 00:19s)

On general cyber deterrence:

“One of the deficiencies in our cyber posture is that over the last several decades has been we have a deterrence strategy for a major use of force, but we haven’t had a strategy and we haven’t articulated the doctrine that would provide a deterrent for less than use of force kind of cyberattacks. For that reason, as I’ve said many times, we’re a cheap date. Our adversaries don’t compute the cost of attacking us. That has to change, that’s the strategic picture.” (Beginning at 3:30)

On establishing a National Cyber Director:

“The organizational picture is that cyber is scattered throughout the federal government. It’s in the defense department it’s in the intelligence community it’s in DHS it’s in the FBI and we really need to try to straighten out the organizational structure. One of my observations is that messy structure equals messy policy, and that leads with the creation of a National Cyber Director in the White House – appointed by the President, confirmed by the Senate, which will give continuity to this important interest. We want someone in the federal government who wakes up every morning with the mission of protecting this country in cyberspace.(Beginning at 4:09)

On streamlining cyberpolicy in the public and private sector:

“Finally, one of the crucial elements that we tried to address in the report, and frankly it’s a difficult one is the relationship between the government and the private sector. 85% of the target space in cyber is in the private sector. The private sector computers, whether they’re in the financial district or energy or transportation or telecommunications – they’re the frontline troops in this battle. Yet it’s the federal government who has the resources and the expertise and the ability to pull together this information in order to protect our country.” (Beginning at 4:53)

Earlier this week, Senator King and Representative Gallagher announced the release of the CSC’s Fiscal Year 2021 legislative proposals that in tandem with the final report, offer bipartisan solutions to better defend the nation’s critical infrastructure from cyberattacks of significant consequence.  Last month, the Cyberspace Solarium Commission released fresh observations from the pandemic as they related to the security of cyberspace, both in terms of the unique cybersecurity challenges it creates, but also what it can teach the United States about how to better prepare for a major cyber disruption. Click HERE to read the CSC white paper, ““Cybersecurity Lessons Learned from the Pandemic.”

The Cyberspace Solarium Commission was established by statute in the 2019 National Defense Authorization Act (NDAA), and officially launched in April 2019. The Commissioners convened nearly every Monday that Congress was in session for a year, and its staff conducted more than 400 engagements, drawing upon the expertise of corporate leaders, federal, state and local officials, academics, and cybersecurity experts. The meetings and the ensuing report sought to understand America’s posture in cyberspace and identify opportunities to improve our national preparedness to defend ourselves against cyberattacks.

The CSC was established in the spirit of the original Project Solarium convened by President Dwight D. Eisenhower in 1953. The original Solarium was created to develop a consensus strategy to counter the Soviet Union as it was threatening the United States and its allies in the early days of the Cold War. This work contributed to the strategies that guided the United States through the Cold War ending with the fall of the Berlin Wall and the collapse of the Soviet Union. The newest iteration of the Solarium seeks to create a path forward that will guide the United States through a new age of warfare.


Next Article » « Previous Article