The U.S. for years has struggled to provide rapid cybersecurity support to international allies before, during and after cyberattacks. The Biden administration created a cyber aid program that includes a rapid-response fund, but upgrading the entire foreign-aid bureaucracy to match the speed of cyber incidents has been a challenge. The Trump administration’s pause in foreign assistance, which affected multiple cyber aid programs, has further impeded progress.
Nation-state hackers and cybercrime groups that target U.S. allies frequently go after the U.S. as well, which means the U.S. government has a strong interest in understanding threat activity aimed at its foreign partners.
“These early lines of defense enable U.S. cybersecurity companies to sharpen their toolkits by stopping cyber attacks which are often precursors to attacks on our own government agencies and critical infrastructures,” Tom Gann, Trellix’s chief public policy officer, told Cybersecurity Dive via email.
But legal and procedural restrictions have hampered the tech industry’s ability to supply other countries with cybersecurity services, which reduces the amount of threat data companies can collect and share with the U.S. government. All parties in the system thus have an incentive to make the foreign assistance process easier, experts say.
“It is a national security imperative for the United States to help our partners build their cyber capabilities,” said Tatyana Bolton, the SCC’s executive director. “The security of the United States is intrinsically linked to the cybersecurity posture of its neighbors, as malicious actors can exploit vulnerabilities in partner countries to target U.S. interests.”
To that end, the SCC plans to lobby for incorporating cyber services into the foreign military sales (FMS) and foreign military financing (FMF) processes. In a press release, the group said this change would help the U.S. “enhance collective defense, promote American technological innovation, and deliver cutting-edge cybersecurity solutions around the world, particularly in places most necessary for U.S. operational advantage, including allied nations.”
Bolton said the group would push for a range of specific changes.
“We’re advocating to expand direct commercial contracting authority for cybersecurity, increase acquisition thresholds, adjust congressional notification requirements [to create a $50 million notification threshold for IT and cybersecurity sales], and allow the use of funds like the Special Defense Acquisition Fund and Section 333 for cyber capabilities,” Bolton told Cybersecurity Dive.
Bolton offered an example from the defense space. Military aid programs, she said, often are designed to help foreign countries buy major weapons systems like the F-35 fighter jet, not cybersecurity solutions, which the people involved rarely understand. “Some of these sales take five years — for secure computers, servers, and cyber training, we need to get that down to a more reasonable 12 to 18 months.”
Source: Cybersecurity Dive