Senior Adviser, Homeland Security, International Security Program, CSIS
What’s top of mind for you in cyber right now and why?
I have long thought strengthening resilience against the adverse impact of malicious cyber activity is one of the most crucial aspects of managing cyber risk, and I think it is more true today than ever. There’s a lot of important progress being made in hardening networks but we will continue to be vulnerable to cyber hacks for a very long time. Even as we are implementing ZTA and other policies and technologies, we must plan for failure. Making sure you have a way to operate essential functions even in the face of a ransomware or other incident that affects data CIA (confidentiality, integrity, access) makes it harder for a bad actor, whether a nation state or criminal, to achieve their desired outcome. The same is true at a more macro level, looking at the resilience of national critical functions that cut across entities, and at the overall resilience of our economy in the event of a cyber incident with the potential for catastrophic impact. This is why the Solarium recommended planning for continuity of the economy.
What will you be watching for most in the next six months?
(Editor's note: This interview was conducted before the Biden administration announced its National Cyber Strategy.) I’ll be watching to see if the anticipated Cyber Strategy includes a robust strategy for building resilience in the face of ongoing cyber risks. That will then need to be followed up by a plan and appropriations for implementation.
What will be the next big drivers of the evolution of public-private partnerships?
The next big step in the PPP will be around data and using that data to achieve greater shared understanding and insights. This is the objective behind the Solarium recommendation for a Joint Collaborative Environment. It is the data sharing and analysis piece to accompany the operational collaboration in the JCDC.
Read more insights from today's top cyber leaders in The Cyber Initiatives Magazine.
Suzanne Spaulding is senior adviser for homeland security and director of the Defending Democratic Institutions project at the Center for Strategic and International Studies (CSIS). She also serves as a member of the Cyberspace Solarium Commission. Previously, she served as undersecretary for the Department of Homeland Security (DHS), where she led the National Protection and Programs Directorate, now called the Cybersecurity and Infrastructure Security Agency (CISA).