It is widely recognized that a cyberattack is one of our biggest national security concerns and threats. But I will bet most of you did not know a first-of-its kind commission to develop a national strategy recently finished two years of work. It is the Cyberspace Solarium Commission— the name based on President Eisenhower’s Project Solarium, which developed new policies for the Cold War. Senator Angus King was a co-chair of the cyber body and today speaks with me about its mission.
The following is a transcript of a report from "Full Measure with Sharyl Attkisson." Watch the video by clicking the link at the end of the page.
Sen. Angus King: Our response to cyberattacks had been sort of disjointed and all over the place. The idea was, ‘let's take a comprehensive look at this problem and figure out what we need to do.’ And the commission had a unique structure that I think contributed to its success. We had four sitting members of Congress, bipartisan, we had four people from the executive branch, and then we had six from the private sector. But the basic idea was to set up a structure that would give us a definition of a cyber strategy for the country.
Sharyl: Can you highlight some of the biggest recommendations that have been implemented and also some of the recommendations that haven’t, that you think are important?
King: Yeah. I think one of the most important ones that we made was the creation of what's called a National Cyber Director, appointed by the president and the executive office of the president, confirmed by the Senate. Why? Because cyber is scattered all over the federal government in half a dozen or more agencies. There was a lack of coordination. President Biden appointed a fellow named Chris Inglis, who was a member of our commission, to that job. He's in the job now, and he's fabulous. Ones that haven't been implemented yet that, frankly I'm disappointed, I was hoping we were going to be able to do them this year in the defense bill is improvements in the infrastructure for the relationship between the private sector and the government. In cyber, 85% of the target space is in the private sector: airlines, banks, the energy grid, pipeline systems, that's where the attacks come and will come. So, the federal government can help, but there has to be a relationship, a new kind of relationship of trust and mutual information sharing. Unfortunately, we ran into some jurisdictional battles between committees. And frankly, it was pretty frustrating for me because we're talking about national security.
Sharyl: Based on what you've learned and what you know the last couple of years, what are your major concerns when it comes to adversaries like China and Russia in cyberspace?
King: Boy. There's a whole series. One is the danger of a catastrophic cyberattack. If the grid goes down in new England in February, people will die. Oil burners don't fire without electricity. It will be catastrophic. Same thing with the financial system, pipelines, I mean water systems is very vulnerable. There are 70,000 separate water systems in America. And all it takes is a cyberattack on a medium sized water system to change the chemistry, close a valve, that kind of thing. It would be incredibly dangerous. So, there's a whole hierarchy of problems. But here's the reality. The next 9/11 will be cyber. And right now, we're not ready for it, but we're getting there. We’re working on things like continuity, the economy. How do we get back? We're working on prevention. We're working on deterrence. We're working on how to strengthen the cyber hygiene of the private sector without regulation, but with encouragement. And so, like I say, I think we're way better than we were two or three years ago, but we're not there yet.
Sharyl (on-camera): The Cyberspace Solarium Commission finished its two-year mission at the end of 2021. About half of its 60 recommendations were passed into law. It’s continuing on as a nonprofit to try to get the rest of them enacted.