According to Industrial Cyber magazine, “Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security and the Cyberspace Solarium Commission 2.0 published a report that provides the incoming U.S. administration essential recommendations to enhance the nation’s cybersecurity, incorporating insights from industry specialists and former federal officials. Building upon the groundbreaking work of the Cyberspace Solarium Commission, the report tackles existing shortcomings and new threats, offering a detailed roadmap for the new administration to safeguard America’s digital future. Based on input from the task force of industry thought leaders and former federal officials, the report highlights eight crucial themes that require urgent focus and continuous commitment.
"Titled ‘Securing America’s Digital Future: A Bipartisan Cybersecurity Roadmap for the Next Administration', the McCrary Institute report detailed that the 40-member task force recommendations include calls to harmonize a cumbersome regulatory landscape, improve coordination across federal agencies, provide playbooks for stakeholders to prepare for and respond to cyber attacks, develop a process for designating state sponsors of cybercrime, develop a system for critical asset identification, improve cyber workforce development and retention, resource key organizations more effectively, establish standards for cloud, IT and OT (operational technology) security and more.”
The report, from the university's Presidential Transition Task Force, can be found here, along with easy-to-digest recommendations from the Auburn University website.
Here’s an excerpt from the executive summary: “The United States stands at a critical juncture in its cybersecurity journey. As we navigate an increasingly complex and interconnected digital landscape, the challenges we face are not merely technical but existential, threatening the very foundations of our national security, economic prosperity and democratic way of life. This report, building upon the groundbreaking work of the Cyberspace Solarium Commission while addressing current gaps and emerging threats, presents a comprehensive roadmap for the incoming administration to secure America's digital future.
“The scope and severity of cyber threats facing our nation cannot be overstated. In fact, these threats represent an existential threat to our democratic way of life. From state-sponsored attacks and cyber espionage to the relentless surge of ransomware targeting our critical infrastructure, the cyber domain has become a battlefield where our adversaries seek to undermine our strengths and exploit our vulnerabilities. The costs are staggering – hundreds of billions of dollars annually in economic losses are predecided, not to mention the incalculable damage to our national security and the erosion of public trust in our institutions.”
The report goes on to highlight eight critical themes that demand immediate attention and sustained effort. The eight areas are (with descriptions and key recommendations under each):
1. Harmonization of Cybersecurity Regulation
2. Strengthening Government Coordination
3. Cost Imposition and Deterrence
4. Resilience
5. Shaping the International Environment
6. Workforce Development
7. Critical and Emerging Technologies
8. Resources, Economy and Continuity
MEDIA COVERAGE
Politico: "Dozens of former officials chart course for next administration’s cyber policies."
"The report lays out almost 40 recommendations for the incoming Trump or Harris administrations to take on from day one to protect the nation against cyber threats.
“The suggested plan of action, obtained first by POLITICO, is composed of around 40 recommendations put together by officials on both sides of the aisle and is aimed at creating a pathway forward to expand the Biden administration’s cyber policy work. Cyber threats span every sector and are a rare subject where bipartisanship often prevails both on Pennsylvania Avenue and on Capitol Hill.”
Nextgov reported that as elections loom, key U.S. cyber policy goals are still unfinished.
“An influential cybersecurity policy body says that the federal government has implemented more of its recommendations in the past year but that several hard-hitting items still need completion to better protect the U.S. from nation-state hackers and cybercriminals.
“According to the Cyberspace Solarium Commission 2.0 — a continuation of the recommendation body chartered by Congress in 2019 to help guide American cybersecurity policymaking — those objectives include establishing a consistent cybersecurity national guard system, codifying a real-time cyber threat sharing platform for government agencies and creating a nation-wide plan to restore critical economic functions in the event of a cyber disaster. …”
OTHER CYBER RECOMMENDATIONS FOR THE INCOMING ADMINISTRATION
According to Infosecurity Magazine, “In its fourth annual report on implementation, published on September 19, the US Cyberspace Solarium Commission 2.0 (CSC 2.0) has provided the incoming administration and Congress with a set of ten new cyber policy recommendations. ...
"CSC 2.0 estimates that, while the incoming administration should continue to implement the remaining recommendations from the 2020 report, more work needs to be done today to secure the US critical infrastructure.
"Therefore, the non-profit provided a set of 10 recommendations of what the next Congress and administration should prioritize:
- Designate Benefits and Burdens for Systemically Important Entities
- Conduct Robust Continuity of the Economy Planning
- Codify Joint Collaborative Environment for Threat Information Sharing
- Strengthen an Integrated Cyber Center Within CISA
- Develop Cloud Security Certification
- Establish a Bureau of Cyber Statistics
- Establish Liability for Final Goods Assemblers
- Develop Cybersecurity Insurance Certifications
- Establish National Guard Cybersecurity Roles
- Build Societal Resilience Against Cyber-Enabled Information Operations"
FINAL THOUGHTS
There are numerous other organizations that offer recommendations for the incoming administration and the next Congress regarding cybersecurity priorities. For example, in advocacy for state and local governments, the National Association of State Chief Information Officers offers several recommendations here.