Today, America is in constant contact with the enemy - and the form of conflict has changed. The expansion of the Internet globally is being accompanied by an explosion of cyber threats. Nation-state adversaries, terrorists, and criminals exploit our weakly secured technology. The United States is principally reliant on its technology for a competitive advantage across the globe. Now, thanks to the Internet and cyberspace, malevolent cyber actors erode that advantage by routinely and consistently targeting American industries and critical infrastructure (CI) sectors with rising success. This is why the current perspective of cybersecurity should move beyond viewing the construct in terms of just offense or defense. This shift opens up the scope of possibilities of how to become antifragile (Taleb), agile, and flexible. It incorporate the users of cyberspace (the non-cyber taskforce users who are the majority of any cybersecurity equation), and creates a significantly larger vote in the cybersecurity process. Cyber is not just for cyber experts.
We present here a shorten version of a new cybersecurity construct that appreciably evolves the current cybersecurity construct by raising the costs for malicious cyber threats by directly influencing the specific actors with the strategic intent and sophisticated cyber capabilities to penetrate U.S. CI cyber perimeter. The objective of this new strategy is to ensure the defense and vitality of America's CI in such a way that tangibly deters malevolent cyber activity while punishing those who choose to transgress against America. The whole of nation strategy proposed includes: Consolidating several existing cyber capabilities and authorities into one new Federal Government interagency task force operating at the Top Secret level and is specifically devoted to CI defense; Evolving synergistic public/private collaboration to include critical infrastructure partners within the task force to share the information and best practices necessary for threat vector understanding while also distributing the responsibility to act; Defining what must be protected - the "core" meaning "that which is too important to fail"; Developing improved cyber defense constructs to protect the "core"; and Defining pre-emptive action.