The cyclical nature of technological evolution and defense has seen various booms and busts. Not too long ago, the rise of communication and technology integration marked a significant shift in defense. Now, we are witnessing the surge of cybersecurity in light of coordinated state-sponsored attacks that are affecting — and have the potential to affect — physical and digital domains. Even in the president’s budget requests for fiscal 2024 and fiscal 2025, the White House is seeking to increase cyber defense spending from $13.5 billion to $14.5 billion in addition to $12.7 billion for civilian activities in fiscal 2024.
Unlike commonly perceived notions, defense spending has been considerably reduced since the 1990s when examined as a percentage of gross domestic product. Nonetheless, it is imperative to consider the strategic importance of sectors drawing attention within these budget allocations, and we must treat cybersecurity in particular with a dedicated and evolving response.
In the grand scheme of the digital battlefield — and amid the emergence of a new type of warfare that blends the spatial and non-spatial worlds — the conversation around security is one fraught with urgency and complexity. The integration of cyber defense systems is no longer a luxury; it is a necessity that directly affects our national security, economy and privacy rights. We need a comprehensive solution — a first-of-its-kind cyber defense integrator.
Our current cybersecurity landscape is dotted with vendors providing proprietary solutions that often don’t play well together. This fragmentation exacerbates the challenge of defending against increasingly sophisticated cyberthreats. Imagine a disjointed army, where soldiers don’t speak the same language or follow the same playbook. It is not hard to see why they would have trouble facing off against a well-coordinated enemy.
Thus, we need to pivot to a model where our cybersecurity resources are not only interoperable but are also constantly evolving to match the rapidly changing threat landscape.
In an ideal world, a cyber defense integrator would create a framework where different cyber defense systems can communicate and coordinate with each other. Interoperability would become the norm, allowing us to harness the combined power of these systems. But this integration is only one part of the equation.
Cyberthreats are an ever-morphing menace. With every firewall built, hackers devise a new way around it. Therefore, this integrator must also be radically nimble, designed to rapidly adapt to new threats, techniques and technologies. This capability would enable us to stay a step ahead of attackers and ensure that our defenses don’t become obsolete as the digital landscape evolves.
Additionally, incorporating the best-of-breed technologies into a unified framework would let us address the ever-morphing menace of cyberthreats effectively and actively. We can achieve this by encouraging big cyber defense contractors to move away from proprietary, siloed solutions and toward a model emphasizing interoperability and adaptability.
It’s essential to remember that the call for an active cyber defense integrator is not a call for the homogenization of solutions, but rather for a coordinated, rapidly adaptable defense strategy. Different vendors bring different strengths to the table, and an integrated approach will allow us to capitalize on these strengths rather than limit them.
Such an initiative requires collective will, both from the government and the private sector. The government must lead by establishing policies that encourage interoperability and adaptation in cybersecurity products. It should provide incentives for vendors to work collaboratively rather than competitively, and legislate, if necessary, to enforce this change.
On the other hand, the private sector should recognize the strategic advantage of a united front against cyberthreats. By working together, they can provide a comprehensive solution that is more effective than any single proprietary system.
The White House’s recent National Cybersecurity Strategy does provide guidance in this direction by encouraging interoperable systems and coordinated assessments (by, for example, a new Cyber Safety Review Board), but these are merely suggestions that won’t hold significant weight in the big business of cyber defense contracting.
Cybersecurity is no longer just a technology issue; it is a matter of national security, economic stability and personal privacy. The need for an active and rapidly adaptable cyber defense integrator, one that emphasizes interoperability and radical nimbleness, is paramount in this digital age. We cannot afford to rest on our laurels and rely on outdated defense models. The time to act is now, and the future of our nation depends on it.
Lisa Donnan is a partner at the cybersecurity private equity firm Option3.