Eight years ago, the Center for Strategic and International Studies published an influential report that was a blueprint for early cybersecurity policy development in the Obama Administration. Today, a CSIS task force offers its thoughts on how the Trump Administration should proceed in a report entitled: "From Awareness to Action - A Cybersecurity Agenda for the 45th President." [Full disclosure: I was on the task force; though that does not mean I agree with everything in it.] Here is the lead-in for the report:
Cybersecurity is no longer a “greenfield” for policy development. Much has been done since CSIS’s first report was published in 2008 and the next administration will inherit a work in progress. Despite an exponential increase in attention to cybersecurity over the last decade, we are still at risk and there is much for the next administration to do. This risk exists because of our reliance on technologies that are inherently vulnerable and because the enforcement of laws in cyberspace is inherently difficult, with some countries refusing to cooperate in prosecuting cybercriminals. Nations are also unwilling to constrain cyber espionage or limit the perceived benefits of military cyber operations.
The goals of our recommendations for the next administration’s cybersecurity efforts remain the same: to create a secure and stable digital environment that supports continued economic growth while protecting personal freedoms and national security. The requirements to achieve these goals also remain the same: central direction and leadership from the White House to create and implement a comprehensive and coordinated approach, since cybersecurity cuts across the mission of many different agencies.