The Cyberspace Solarium Commission is a unique policy initiative created in 2019 to cut through the complexity of the vast and dense cybersecurity challenges facing the country. It is composed of lawmakers and government officials from across several agencies who, working with outside experts, are devising “a strategic approach to defending the United States in cyberspace against cyberattacks of significant consequences.” The high-profile focal point group came out this spring with an ambitious report that offered 75 recommendations to keep the country safe from digital threats.
Last week, the commission took its prerogative one step further. It came out with its first white paper, Lessons from the Pandemic, a timely document articulating the changes the COVID-19 crisis creates for cybersecurity. The pandemic “illustrates the challenges of ensuring resilience and continuity in a connected world,” co-chairs Senator Angus King (I-ME) and Representative Mike Gallagher (R-WI), wrote in their executive summary of the white paper.
The white paper contains observations about the parallel connections between cybersecurity and the pandemic. It stresses 32 of the commission’s original recommendations, which King and Gallagher said have attained “renewed importance” in light of the coronavirus crisis.
The white paper also contains four new recommendations, including the need to:
- Pass an internet of things (IoT) security law
- Provide significant support for non-profits that assist law enforcement’s cybercrime and victim support efforts
- Establish a social media data and threat analysis center
- Increase non-governmental capacity to identify and counter foreign disinformation and influence campaigns
Remote work drives need for IoT security
In terms of how the pandemic has altered cybersecurity, “there has been a massive shift to move to remote work, forcing companies to rely on in-home consumer electronics as their employees log in from home,” the report noted. It is this radical shift to working from home that drives the new Solarium Commission recommendation to pass an IoT security law. The law should focus on known challenges, such as insecurity in Wi-Fi routers, and mandate that the devices have reasonable security measures as determined by NIST guidelines.