America’s botched response to the coronavirus pandemic is a warning that, unless our broken political and administrative systems are fixed, the country could experience a similar breakdown in future national crises, such as a massive cyberattack.
This stark message was contained in a little-noticed white paper recently released by the bipartisan
Cyberspace Solarium Commission, titled “Cybersecurity Lessons from the Pandemic.” As the paper highlighted, the Covid-19 outbreak has been a stress-test for our national crisis-management system — and that system has, to a frightening extent, failed. The challenges of a cyberattack would be even greater.
Sen Angus King, I-Maine, and Rep Mike Gallagher, R-Wis, the panel’s two co-chairs, describe the disorganised response to Covid-19 this way: “The pandemic produces cascading effects and high levels of uncertainty. It has undermined normal policymaking processes and, in the absence of the requisite preparedness, has forced decision-makers to craft hasty and ad-hoc emergency responses.”
President Donald Trump’s chaotic and sometimes counterproductive personal management of the Covid-19 crisis has underlined the need for clear executive authority that can coordinate different federal agencies and state and local responders. Trump dismantled or disdained the management tools that might have been useful — and seemed to develop a love-hate relationship with experts who could have helped frame a coherent response, such as Dr Anthony Fauci, director of the National Institute of Allergy and Infectious Diseases.
This problem of coordinating the executive branch in a national crisis was the centerpiece of a report
issued in March by the Cyberspace Solarium Commission. The group brought together Congress, the executive branch and private experts to recommend how to cope with the threat of a crippling cyberattack. As the report was released, Covid-19 was beginning to spread in America, and I wrote that the pandemic was a foretaste of what we’d experience in a debilitating cyberattack. Now, after three months of White House missteps, the commission’s findings are even more relevant.
The commission’s marquee proposal was to create a “national cyber director” as the president’s chief adviser on cybersecurity and related issues. This cyber czar, confirmed by the Senate, could pull together a coherent, whole-of-government response, which has so far been lacking with Covid-19.
The commission’s recent white paper amplified this recommendation: “In confronting Covid-19 and other catastrophes, it is imperative that the executive branch be guided by strong leadership, including subject matter
experts who are sufficiently empowered to coordinate, plan, and prepare for a crisis response well ahead of disruptive events.”
Part of the problem with our Covid-19 response is specific to Trump, who seems to view unpredictability and lack of
planning as positive management tools. But another president, with better management skills, would still face bureaucratic blockages that are endemic to our system. White House coordinators similar to the proposed cyber director — the US Trade Representative, say, or the Office of Science and Technology policy — struggle in any administration to frame coherent government-wide policy, as noted in a recent Lawfare essay by Mieke Eoyang and Anisha Hindocha.
Better executive-branch coordination will require breaking some rice bowls; no federal agency likes to give up control. But with complex subjects like public health or cybersecurity, the lines of authority must be clear in advance. Otherwise, it’s too late.
The mismanaged US response to the pandemic contrasts with other nations’ well-organised public health measures. It’s almost as if there’s a competence gap, with the United States stepping back from sound policy and global leadership. Trump’s decision last month to leave the World Health Organization amid the pandemic is a disturbing example.
Trump’s disdain for multilateral organisations is an unfortunate trademark of his presidency, evident in his policies on climate change, trade and defense. This global retreat seems to be affecting cybersecurity policy, too. Russia is pushing aggressively for a new United Nations framework on cybercrime that would – surprise! — benefit Russia, China and other authoritarian states. The United States is mostly watching from the sidelines.
Russia’s campaign for a new UN cybercrime treaty rolled forward this month towards a meeting of an ad hoc “expert group” scheduled for August, with the United States meekly advocating a “fair, transparent process” and “neutral leadership.” Meanwhile, in another UN forum, Russian representatives savaged as “illogical and contradictory” efforts to apply international human rights law to cyberspace.
In the shadow of the pandemic, it’s clear how unprepared we are for a disabling attack, carried by viral disease or viral malware. And the awful truth is that we don’t seem to have learned much yet from our mistakes. Sensible policies are available, but they won’t work unless America recovers its balance and finds good leadership.
—The Washington Post
David Ignatius is an American journalist and novelist. He is an associate editor and columnist for The Washington Post.
He has written eleven novels, including Body of Lies, which director Ridley Scott adapted into a film