Suggested Citation: "4 The Producer Perspective." National Academies of Sciences, Engineering, and Medicine. 2025. Cyber Hard Problems: Focused Steps Toward a Resilient Digital Future. Washington, DC: The National Academies Press. doi: 10.17226/29056.

4
The Producer Perspective

Chapter 3 lists cyber hard problems from what might be called the point of view of a “consumer” relying on cybersecurity in a product or service. This provides a tidy taxonomy but does not describe specific issues or problems that, if addressed, would represent significant progress toward solving them. This chapter describes these specific challenges, which can also be seen as the perspective of the “producer” who needs a well-characterized set of independent principles and procedures—technical, policy, and operational—that are prerequisites to addressing the cyber hard problems.

The consumer and producer lists do not map neatly to one another for the following reasons:

  • Solving a consumer cyber hard problem may require solving many different (e.g., technical) producer problems, and the technical problems may affect many different consumer-level problems.
  • The consumer cyber hard problems themselves are interdependent. For example, risk assessment depends on secure design and composition as well as supply-chain integrity, the availability of metrics, and the reliability of data and information, and it is profoundly affected by policy related to “remedies and incentives” that helps in making such an assessment and in being able to reasonably rely on it.
  • Policy and economic incentives affect nearly all the producer cyber hard problems since incentives determine what producers do (or should do), what prices they can charge to consumers, and what redress consumers have if they fail to do so.
  • Security metrics (if they exist) and the related ability to determine the cybersecurity of a system at a reasonable cost, based on easily obtainable measurements or information, affect producers because they would allow producers to determine whether they have succeeded in “secure, resilient design and composition” as well as to determine the security characteristics of their own supply chain and risk of liability. Finally, the consumer’s ability to determine whether a system was securely designed or implemented and whether its operation is secure “in practice” would best be based on metrics instead of largely unsupported assertions by producers.

Some of the new cyber hard problems, such as the integration of hardware and software into a cyber-physical system (CPS) or artificial intelligence (AI), depend on essentially all of the producer cyber hard problems. However, they bring new important subproblems that are critical and unsolved.

For clarity and brevity, the producer cyber hard problems are described below in terms of concrete functional, operational, new technology, or policy problems. Some producer cyber hard problems may seem to duplicate consumer cyber hard problems. For example, “secure, resilient design” from a consumer’s point of view involves solving many subproblems because it is a characteristic of an entire cyber system and its operation. The “secure design” problem in this section addresses the technical problems involved in designing a more or less fully specified system (development tools, testing tools, design practices, needed workforce competencies, etc.). This also applies to secure composition. Accurate provisioning of data and information may be directly visible to a consumer, but it may be a characteristic of the training data used to produce an AI model, which may be of no direct interest to a consumer.

Some of the producer cyber hard problems can be solved in a rather satisfying manner by principled techniques that often go under the rubric “the science of security.” Examples include complete access and information flow models.1 This sort of solution is the “gold standard” for scientific progress but has only been applied to very carefully described and constrained subproblems.

FUNCTIONAL CYBER HARD PROBLEMS

Functional cyber hard problems deal with the design of secure, interoperable products and infrastructure.

___________________

1 F.B. Schneider, 2012, “Blueprint for a Science of Cybersecurity,” The Next Wave 19(2):47–57, https://www.cs.cornell.edu/fbs/publications/SoS.blueprint.pdf.

Cloud Visibility and Centralized Risk

The emergence and popularity of cloud computing are due to convenience, efficiency, and (in some cases) cost-saving. However, while almost everyone uses or relies on cloud computing services today, there are few dominant providers, and their operations are unknown to outsiders. The monoculture and opacity result in key challenges to building and operating resilient cloud systems.

Many of the drivers for cloud computing adoption involve cost and convenience, but the trade-off most pertinent for security is control and understanding. While models of shared responsibility usually exist between the customer and provider, they are not always consistent or complete. Multi-tenancy in a provider’s environment can affect the visibility available to each customer when the provider cannot separate logging, backups, or forensic data for each tenant; sometimes the physical location of a provider’s data center is confidential. This is the “isolation” problem in shared resources. Shared hardware increases the risk of lateral movement by an attacker from one customer to another, and the network traffic needed by one customer may mean that the provider cannot block some network traffic even if some tenants want it blocked. Finally, depending on the service, customers may not have visibility into traffic and interactions that happen within the provider’s environment, only the traffic that happens directly between the customer’s instance and the customer’s own location. Business email compromise (BEC) for the purpose of redirecting payments is a big problem and shows no sign of slowing.2 It is often accomplished by adding filtering rules redirecting emails pertinent to payments to a scammer acting as a “man in the middle” who instructs that the payments be redirected. Outsourcing email to “the cloud,” where such critical rule changes for a single email user may not be quickly caught, is a common problem.
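The mailbox-rule pattern described above can be checked for on the defender's side. The following is an added example, not part of the report: it triages exported inbox rules for the combination the paragraph describes (payment-related keywords together with external forwarding or hiding of the message). The `InboxRule` fields, the keyword and folder lists, and the sample rules are assumptions constructed for illustration and would need mapping to a real mail platform's rule export.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional, Set, Tuple

# Assumed keyword and folder lists; tune them to the organization.
PAYMENT_TERMS = {"invoice", "payment", "wire", "remittance", "bank", "iban", "ach"}
LOW_VISIBILITY_FOLDERS = {"rss feeds", "rss subscriptions", "conversation history",
                          "junk email", "deleted items", "archive"}


@dataclass
class InboxRule:
    """One mailbox filtering rule (hypothetical export schema)."""
    mailbox: str
    name: str
    contains: List[str] = field(default_factory=list)    # subject/body match phrases
    forward_to: List[str] = field(default_factory=list)  # forward or redirect targets
    move_to_folder: Optional[str] = None
    delete: bool = False
    mark_as_read: bool = False


def assess(rule: InboxRule, org_domains: Set[str]) -> Tuple[str, List[str]]:
    """Return (severity, findings) for a single rule."""
    findings: List[str] = []
    # Match whole words so that "attachment" does not trigger on "ach".
    words = {w for phrase in rule.contains
             for w in re.findall(r"[a-z]+", phrase.lower())}
    external = [a for a in rule.forward_to
                if a.rsplit("@", 1)[-1].lower() not in org_domains]
    hides = rule.delete or (rule.move_to_folder or "").lower() in LOW_VISIBILITY_FOLDERS

    if external:
        findings.append("external-forward")
    if words & PAYMENT_TERMS:
        findings.append("payment-keywords")
    if hides:
        findings.append("hides-message")
    if hides and rule.mark_as_read:
        findings.append("marks-read")

    # Payment-related mail that leaves the organization or disappears from the
    # inbox is the BEC pattern; other external forwarding still merits review.
    if "payment-keywords" in findings and (external or hides):
        severity = "high"
    elif external or (hides and rule.mark_as_read):
        severity = "medium"
    else:
        severity = "none"
    return severity, findings


def triage(rules: List[InboxRule], org_domains: Set[str]):
    """Return flagged rules, most severe first."""
    order = {"high": 0, "medium": 1}
    hits = []
    for rule in rules:
        severity, findings = assess(rule, org_domains)
        if severity != "none":
            hits.append((severity, rule.mailbox, rule.name, findings))
    return sorted(hits, key=lambda h: (order[h[0]], h[1]))


# Constructed sample data (not taken from any real tenant).
ORG_DOMAINS = {"example.org"}
SAMPLE_RULES = [
    InboxRule("ap@example.org", ".", contains=["Invoice", "wire transfer"],
              forward_to=["helper@mail.example.net"],
              move_to_folder="RSS Feeds", mark_as_read=True),
    InboxRule("cfo@example.org", "newsletters", contains=["newsletter"],
              move_to_folder="Reading"),
    InboxRule("hr@example.org", "copy to assistant",
              forward_to=["assistant@example.org"]),
    InboxRule("it@example.org", "vendor alerts", contains=["status page"],
              forward_to=["oncall@pager.example.com"]),
]

if __name__ == "__main__":
    for hit in triage(SAMPLE_RULES, ORG_DOMAINS):
        print(hit)
```

Running such a check on every rule-change event, rather than on a periodic export, narrows the window in which a rule change for a single user goes unnoticed.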

Besides visibility issues, another hard problem for cloud computing is orchestration. It is difficult to find reliable statistics on multi-cloud use that do not come from a single cloud provider, and control policies between providers can be inconsistent. A look at the latest Cloud Controls Matrix3 from the Cloud Security Alliance tells the story: 197 control objectives in 17 domains. Organizations face security challenges regardless of the strategy they embrace. Using one provider can risk a single point of failure,4 and using more than one provider incurs complexity and management costs (as well as the increased systemic risk of any one provider having an outage).

___________________

2 P. Harr, 2024, “The Weaponization of AI: The New Breeding Ground for BEC Attacks,” Forbes Technology Council, June 14, https://www.forbes.com/councils/forbestechcouncil/2024/06/14/the-weaponization-of-ai-the-new-breeding-ground-for-bec-attacks.

3 K. Rundquist, 2024, “Cloud Security Alliance Announces Implementation Guidelines v2.0 for Cloud Controls Matrix (CCM) in Alignment with Shared Security Responsibility Model,” BusinessWire: Cloud Security Alliance (CSA), June 4, https://www.businesswire.com/news/home/20240604212963/en/Cloud-Security-Alliance-Announces-Implementation-Guidelines-v2.0-for-Cloud-Controls-Matrix-CCM-in-Alignment-with-Shared-Security-Responsibility-Model.

4 Intelligent Transportation Systems Joint Program Office, “ITS Deployment Evaluation,” Department of Transportation, https://www.itskrs.its.dot.gov/2019-l00856, accessed December 5, 2024.

A particular risk with cloud computing is the durability of artifacts; although using only what you need, when you need it can help reduce costs, the practice requires more rigor in managing the life cycle of those instances. For example, the Colorado Department of Transportation fell victim to a ransomware attack in 2018⁵ when a virtual server was not secured properly because it was intended to be temporary, and yet it was connected to the agency’s active directory domain, which allowed the attacker to gain additional privileges. Retention periods for backups and logs are other examples of critical artifact management properties.

The start of the COVID-19 pandemic in 2020 forced more organizations to embrace cloud computing with remote access, which, in turn, drove the development of architecture changes such as “edge computing.” Remote user traffic that had to pass through on-premises infrastructure to access cloud-based resources resulted in network bottlenecks and latency; the Secure Access Service Edge emerged in response, putting the users and resources closer to one another. All this reliance on third-party providers has opened new areas of attack as well as complicated security management,6 because any given end-to-end interaction now involves additional personnel, terms of service, and levels of visibility and control different from a simple governance model.

Assessing how well a provider secures its offerings is one challenge covered further in the section on supply chain security below. A related cyber hard problem is the process of incident response, for the reasons outlined above. Putting these together creates an overall cyber hard problem that deserves attention because one provider’s outage or compromise can affect literally thousands or even millions of customers. The notion that every organization is solely responsible for securing itself is outdated, as is acknowledged in the most recent White House strategy document cited earlier. The answer lies not just in another technology product that customers must layer on top of the already complex infrastructure (complexity to manage complexity), but includes aligned incentives and clearer, more consistent security standards and responsibilities for these “linchpin” cloud providers.

Cloud infrastructure is included in cyber hard problems 1, 2, 3, 4, 5, and 10.

Identity, Authentication, and Access Control in the Context of the Global Commons

The democratization of technology has increased the number of accounts each user relies on dramatically, but the demographics of those users have changed. Consumers as young as 3 and as old as 103 must (securely!) authenticate themselves for purposes as varied as online games, banking, education, government services, medical care, and employment. Attackers have taken advantage of the gaps in implementation and differing levels of user sophistication by capturing credentials or tricking the legitimate account holder into exposing authentication information. Identity, authentication, and access control have become a significant battlefield and a favored “soft target” even as viable technical solutions have been accepted.

___________________

5 Ibid.

6 Office of the National Cyber Director (ONCD), 2023, “The National Cybersecurity Strategy,” The White House, March 2, https://bidenwhitehouse.archives.gov/oncd/national-cybersecurity-strategy.

In response, identity and access management (IAM) technology has evolved to meet this need.7 IAM trends include the following:

  • Increasing the availability of two-factor and multi-factor authentication (2FA and MFA, respectively). Although 2FA was available long before the 2005 cyber hard problems list, more tools emerged with different ways of enforcing the “something you have” that contributes to more secure authentication. At the same time, the use of SMS as one of these authentication factors, although it is the easiest and cheapest to deploy at scale, particularly where feature phones (precursor to the “smart” phone era) are more widely available than “smart” phones, has come under widespread attack through both social engineering and the practice of “SIM swapping.”8
  • The growth of single sign-on (SSO) to evaluate and pass authentication data under time-limited conditions so that the user does not have to repeatedly authenticate to access multiple systems, applications, and data in the scope of a single task or enterprise. This generally takes place within one governance area (such as a corporate infrastructure), where a consistent access policy can be enforced; sometimes SSO can be federated among disparate cooperating entities.
  • The implementation of passkeys (cryptographically generated key pairs) that are securely stored within the user’s device or other hardware, taking the place of memorized (and usually overused and oversimplified) passwords.
  • The development of password managers, which store and in some cases autofill passwords at authentication time, making it easier for users to choose complex or unique passwords without having to remember them or type them in.
  • Heavier use of biometrics (fingerprint, facial recognition, gait analysis, typing analysis, and other techniques) for the initial authentication in place of passwords, to unlock other stored credentials such as passkeys, or coercion detection.

___________________

7 National Institute of Standards and Technology (NIST), 2023, Digital Identity Guidelines, SP 800-63, https://pages.nist.gov/800-63-3.

8 Federal Bureau of Investigation, 2022, “Criminals Increasing SIM Swap Schemes to Steal Millions of Dollars from US Public,” Public Service Announcement: Alert Number I-020822-PSA, February 8, https://www.ic3.gov/PSA/2022/PSA220208.

Around the early 2000s, the UK-based Jericho Forum proposed a stronger authentication model, called a “collaboration-oriented architecture.” With the principle of explicitly authenticating every access request, regardless of where it originated, “zero trust”9 resulted in many additional authentication factors being developed, such as GPS-based location, just-in-time analysis of the security state of the device being used for access, WiFi fingerprinting, biometrics, passkeys, and more. The additional options in this factor portfolio also made it more difficult to build and test consistent access policies.

Another complicating factor in IAM is time. Authentication has moved beyond a one-time event into continuous evaluation of the user’s factors, including location or security state changes during the session and activity alerts. Depending on the assessed risk and policy, the system might invoke a step-up authentication process with more factors to ensure that the access is legitimate. The continuous assessment may also take specific events into account, using data received either from the system owner’s own infrastructure (such as network telemetry, application changes, or a change in user access from the identity provider) or from collaborating entities. For example, a password change should invalidate all currently open sessions. The OpenID Foundation Shared Signals working group10 is tackling the challenge of standardizing and sharing access-related events, but as with many information-sharing initiatives in cybersecurity, misaligned incentives can hamper this goal.11 Finally, there is the concept of granting authorization dynamically, in a just-in-time fashion, rather than equipping an account with static permissions. The “zero standing privileges” approach is intended to harden existing user accounts in the face of attacks but carries its own set of associated management complications.

Identities themselves are now more widespread and context-specific than they were 20 years ago—they involve not just “who are you?” but “why should you have access to this particular resource at this point in time?” Establishing the right to access by verifying that the user is a citizen, a parent, a doctor, a partner, an employee, a customer, or a student can require collecting attributes from many different trusted parties.

___________________

9 S. Balaouras, J. Blankenship, D. Holmes, P. McKay, J. Burn, A. Tatro, and M. Belden, “The Business of Zero Trust Security,” Forrester, https://www.forrester.com/zero-trust, accessed February 6, 2025.

10 T. Cappalli, S. Miel, S. O’Dell, and A. Tulshibagwale, “Shared Signals Working Group—Overview,” OpenID, https://openid.net/wg/sharedsignals, accessed February 6, 2025.

11 Any time information sharing is voluntary, commercial drivers can get in the way of sharing useful and complete information. For example, security vendors with their own threat intelligence teams may avoid sharing unique data if it is seen as a competitive advantage or delay release past the point of timeliness in order to publish within marketing schedules.

The collection of personal data, often incentivized financially for marketing and resale, contributes to the attack surface for each individual, as threat actors can obtain a wider variety of demographic data and secrets needed to register, use, and recover access.12

Collecting these verified data, storing them securely, and releasing them only where necessary are all associated privacy challenges. Proposed solutions include a digital self-sovereign identity framework, such as the European eIDAS regulation13 that will require every European Union country to offer a digital identity wallet by 2026. U.S.-based government services such as Global Entry are now offering digital IDs for mobile devices. Large-scale public identity providers such as Apple, Facebook, and Google have been offering to ease usability for consumers by letting them use their account identities for logging in to other sites, making payment transactions, and so on. However, these varied offerings come with their own governance and privacy goals, which the general public may not be able to evaluate.

To make matters even more complicated, identity management and governance have moved beyond the realm of humans. Machine identities, workload identities, and the operational system accounts that underpin all types of infrastructure, from applications to network routers, all need to be addressed in a coherent way, particularly with the growth of the Internet of Things (IoT). Wherever access is not tied to an individual human, or wherever two entities communicate with one another without human initiation, the authentication, authorization, and identity issues still apply. The Workload Identity working group14 is addressing some of these issues, but the drudgery of tracking, auditing, and protecting dormant on-premises system accounts remains with the owners of the infrastructure. Not only do attackers regularly target default passwords on these systems, but the potential areas for attack now range from critical infrastructure (utilities, nuclear power plants, 911 systems, medical equipment) to security cameras, home thermostats, baby monitors, and indeed anything that is connected to the Internet under the guise of being “smart.” Non-human identities are equally important to combat cases where an attacker simulates a website or message to trick a user into supplying credentials; the machine needs to authenticate itself to the human.

One final point is that although IAM frameworks and technology have evolved, they are also extending the “long tail” of legacy systems that are too costly to retrofit. For every web-based application that now uses passkeys for authentication, there is also a decades-old banking mainframe or industrial storage tank that must still interoperate.

___________________

12 Department of Defense (DoD), 2023, “2020 DSB Summer Study on New Dimensions of Conflict: Executive Summary,” DoD Office of Prepublication and Security Review 23-S-2072, April, https://dsb.cto.mil/wp-content/uploads/reports/2020s/DSB-SS2020_NewDimensionsofConflict_Executive%20Summary_cleared.pdf.

13 European Commission, 2024, “eIDAS Regulation,” April 4, https://digital-strategy.ec.europa.eu/en/policies/eidas-regulation.

14 IETF Datatracker, “About the IETF Datatracker,” https://datatracker.ietf.org/release/about, accessed February 6, 2025.

The overarching technical hard problem within IAM is configuring and managing policy. Because of complicated mechanisms for performing authentication and authorization, expanded user demographics, and many, often ephemeral, systems that require IAM without governance, the need to protect these vulnerable attack points requires simplifying and possibly centralizing policy management. Today’s chief information security officer has no straightforward way to decide which factors to use, how to model the operational impact of a policy change, how to negotiate policy enforcement with external providers, or even how to get all the event data they need to make (or possibly automate) risk decisions involving policy across the entirety of the technologies and environments. One example of the current fractured state of IAM is universal access revocation, sometimes called “single logout”—the problem of identifying all accesses belonging to a departing user and revoking them, terminating any existing live sessions, and handling deeper layers of associated application and system access such as cryptographic tokens. This “holy grail” of IAM applies not only to access management in workplace scenarios but also to any active incident response involving a compromised user account. Achieving it comes with trade-offs—for example, tracking every place where a user is active can also have privacy implications.
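The earlier remark that a password change should invalidate all currently open sessions, and the universal access revocation problem described above, can both be made concrete with a small model. The following is an added example, not part of the report: a central registry keeps a per-user "not before" cutoff, revokes every grant issued before it, and reports which grants could not be pushed to the owning system (for instance, a legacy system with no revocation hook). The class, field and event names are hypothetical and do not follow the OpenID Shared Signals schema.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional

# Hypothetical event names for this example only.
REVOKING_EVENTS = {"credential-change", "account-disabled", "account-compromised"}


@dataclass
class Grant:
    """A live access artifact: session, refresh token, API key, and so on."""
    grant_id: str
    subject: str
    system: str
    kind: str
    issued_at: int          # seconds since an arbitrary epoch
    revoked: bool = False


class AccessRegistry:
    def __init__(self) -> None:
        self.grants: Dict[str, Grant] = {}
        self.not_before: Dict[str, int] = {}   # per-subject cutoff
        self.revokers: Dict[str, Optional[Callable[[Grant], bool]]] = {}

    def register_system(self, system: str,
                        revoker: Optional[Callable[[Grant], bool]] = None) -> None:
        # revoker pushes termination to the system; None means no hook exists.
        self.revokers[system] = revoker

    def issue(self, grant_id: str, subject: str, system: str,
              kind: str, issued_at: int) -> Grant:
        grant = Grant(grant_id, subject, system, kind, issued_at)
        self.grants[grant_id] = grant
        return grant

    def is_valid(self, grant_id: str) -> bool:
        grant = self.grants.get(grant_id)
        if grant is None or grant.revoked:
            return False
        # Anything issued before the subject's cutoff is stale by definition.
        return grant.issued_at >= self.not_before.get(grant.subject, 0)

    def handle_event(self, event: dict) -> Dict[str, List[str]]:
        """Apply one security event; report pushed and not-yet-pushed revocations."""
        report: Dict[str, List[str]] = {"revoked": [], "pending": []}
        if event["type"] not in REVOKING_EVENTS:
            return report
        subject = event["subject"]
        # Never move the cutoff backwards, so a replayed old event is harmless.
        cutoff = max(self.not_before.get(subject, 0), event["at"])
        self.not_before[subject] = cutoff
        for grant in self.grants.values():
            if grant.subject != subject or grant.revoked or grant.issued_at >= cutoff:
                continue
            grant.revoked = True                      # central view is updated
            push = self.revokers.get(grant.system)
            reached = bool(push and push(grant))      # did the system terminate it?
            report["revoked" if reached else "pending"].append(grant.grant_id)
        report["revoked"].sort()
        report["pending"].sort()
        return report


def build_demo():
    """Constructed scenario: two modern systems and one legacy system."""
    reg = AccessRegistry()
    reg.register_system("webapp", lambda g: True)
    reg.register_system("vpn", lambda g: True)
    reg.register_system("mainframe")                  # no revocation hook
    reg.issue("s1", "alice", "webapp", "session", 100)
    reg.issue("r1", "alice", "webapp", "refresh_token", 120)
    reg.issue("s2", "alice", "mainframe", "session", 150)
    reg.issue("s3", "bob", "webapp", "session", 110)
    report = reg.handle_event({"type": "credential-change",
                               "subject": "alice", "at": 200})
    return reg, report


if __name__ == "__main__":
    print(build_demo()[1])
```

The `pending` list is the part that needs follow-up: those grants are revoked in the central view but remain usable on the owning system until it is told or the grant expires.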

As mentioned above, the nontechnical hard problem aspect of IAM involves governance. Identity management, authentication, and access control are driven by commercial entities and are fragmented accordingly, as governance falls to a population of private and public resource owners, not simply a central one in the role of an enterprise employer as in the past. In countries where each citizen has a single government-managed digital ID, the resulting centralization affords better technical solutions and enhances accessibility for underserved populations. Long-standing mistrust of centralized government in the United States stands in the way of creating a centralized digital identifier. Where cultural distrust of centralization is higher, it may be more practical to develop a broad federation model, allowing disparate resource owners and consumers to use a consistent and reliable framework for negotiating IAM features and processes.

Access controls affect cyber hard problems 1, 2, 3, 4, 6, 7, and 10, although they affect others to a more limited extent.

Developing an Empirical Basis for Security Decisions

Cybersecurity is the property of technological artifacts, people, and processes to resist attacks by an adversary. At every stage of a system’s life cycle, including design, implementation, acquisition, testing, deployment, training, use, monitoring, maintenance, and retirement, there are a broad range of decisions to be made that will influence these properties. What authentication architecture should be chosen? What programming languages, tools, and processes should be used to minimize the introduction of implementation bugs? When acquiring such a system, how should an organization compare the security it offers to competing systems? How should their information technology (IT) professionals configure the system to support its security assumptions? How should employees be trained to use it? When must a system be updated or retired due to security liabilities? Such questions, explicit and implicit, are being answered thousands of times a day. It is widely held that some of these choices are likely better than others. Indeed, many believe that there may be “best” choices for a given situation and that certain decisions, if taken, would seriously foreclose attacks.

While it is tempting to hope that these questions might be answered a priori—that with the proper levels of formal reasoning, systems might be designed and proven secure against reasonable threat assumptions—such results are rarely available. Real systems operate in a messy world, typically more complex than can be modeled, with countless deviations from idealized abstractions, with multiple humans in the loop, and adversaries who formulate their attacks based on the assumptions made by defenders.

This is strong motivation to place cybersecurity on a firm empirical footing—akin to evidence-based medicine—where careful data collection and analysis can differentiate and prioritize among the plethora of factors and approaches. However, a perennial challenge for the cybersecurity community has been to establish a rigorous evidentiary basis for evaluating such choices in a way that predicts outcomes. As a result, most of today’s established cybersecurity “best practices” are based on a combination of perceived common sense and received wisdom.

There are many reasons to question the quality of this status quo decision making.

  • Disagreement about best practices. Even among experts, there is frequent disagreement about the set of best practices, and which are the most important. For example, Redmiles and colleagues’ recent large-scale analysis of online security and privacy advice identified 374 distinct pieces of guidance, of which a set of experts surveyed identified 188 as being among the “top 5” practices that should be followed.15 Using a similar methodology, Reeder and colleagues surveyed 200 security experts who identified 152 distinct “top 3” practices.16 While consensus is no substitute for evidence, a lack of consensus suggests an information-poor environment in general.
  • Poor evidence even where there is consensus. In those cases where there has been agreement about best practice, it is frequently based on simplified abstractions of how systems are built, used, and attacked. Empirical data are ultimately needed to evaluate the impact of these best practices. For example, many major software developers follow some sort of secure development process (e.g., incorporating threat-modeling, code review, fuzz testing, such as Microsoft’s Security Development Lifecycle), but even after 20 years of experience, little is known about how effective these processes are for improving security. A 2019 Dagstuhl Seminar summarized the situation as follows: “There is little empirical data to quantify the effects that these principles, architectures and methodologies have on the resulting systems.”17 Similarly, there is broad acceptance of the security benefits of outsourcing key services to cloud providers with high-quality security teams, but there is no practical way to reason about how to compare these benefits with the independent risk of correlated losses when one of these cloud platforms is itself compromised.
  • The evidence that is collected repeatedly contradicts prior assumptions. In the handful of cases where there have been extensive empirical analyses of these assumptions, best practice has repeatedly been found wanting. For example, for decades the received wisdom concerning password content requirements was that requiring more character classes and longer passwords was superior, on the assumption that this would increase entropy and thus increase the work factor for an attacker to guess. Password reset policies (e.g., resetting passwords more frequently) were deemed superior, on the assumption that it reduces the window of vulnerability for using a password. While these rules are frequently ascribed to Bill Burr’s 2003 authorship of National Institute of Standards and Technology (NIST) SP 800-63 and its appendix that codifies these arguments,18 the history is significantly older and more diffuse. For example, these issues are discussed in Morris and Thompson’s “Password Security: A Case History”19 and 20 years later in Adams’s and Sasse’s “Users are Not the Enemy.”20 However, regardless of the origin, the key point is that these arguments have been widely accepted and implemented based on their implicit assumptions concerning attacker and user behavior, without any significant empirical scrutiny. Yet after a decade of research, it became clear that these approaches were in fact not superior in practice, had been based on incomplete assumptions about how users and attackers work, and frequently interact with usability in ways that actually reduce security. A variety of recent studies have been unable to find clear and convincing empirical evidence that well-accepted practices actually improve security, including embedded phishing training,21 indicators of compromise-based threat intelligence sharing, and prompt browser updating.22 Some studies support actual benefits, but with only minor effect (e.g., Thompson and Wagner’s study of code review impact on security vulnerabilities23). For the vast majority of security decisions made, there are no studies at all. We simply act without evidence.

___________________

15 USENIX, 2020, “29th USENIX Security Symposium,” August 12–14, https://www.usenix.org/conference/usenixsecurity20.

16 IEEE Symposium on Security and Privacy, 2017, “38th IEEE Symposium on Security and Privacy,” https://www.ieee-security.org/TC/SP2017.

17 A. Shostack, M. Smith, S. Weber, and M.E. Zurko, 2019, “Empirical Evaluation of Secure Development Processes,” Dagstuhl Reports 9(6):1–25, Schloss Dagstuhl – Leibniz-Zentrum für Informatik, https://doi.org/10.4230/DagRep.9.6.1.

18 R. McMillan, 2017, “The Man Who Wrote Those Password Rules Has a New Tip: N3v$r M1^d!” Wall Street Journal Pro-Cybersecurity, August 7, https://www.wsj.com/articles/the-man-who-wrote-those-password-rules-has-a-new-tip-n3v-r-m1-d-1502124118.

19 R. Morris and K. Thompson, 1979, “Password Security: A Case History,” Communications of the ACM 22(11):594–597.

20 A. Adams and M.A. Sasse, 1999, “Users Are Not the Enemy,” Communications of the ACM 42(12):40–46.

This is far from a new realization. “Metrics for Security” was identified as a key cyber hard problem in the 1995 version of the InfoSec Research Council’s Hard Problem List,24 the 2002 National Research Council consensus study report Cybersecurity Today and Tomorrow: Pay Now or Pay Later,25 the Computing Research Association’s 2003 “Four Grand Challenges in Trustworthy Computing,”26 the 2005 President’s Information Technology Advisory Committee report Cyber Security: A Crisis of Prioritization,27 and again in the InfoSec Research Council’s 2005 re-up of the Hard Problem List28—relabeled as “Enterprise-level Security Metrics” (although not because the smaller-scale problems had been solved; indeed, that study states, “Most of the existing [security] metrics are of questionable utility, even with respect to individual software systems.”29,30). Indeed, almost 20 years later, the software-focused 2024 Office of the National Cyber Director (ONCD) report Back to the Building Blocks: A Path Toward Secure and Measurable Software opines that still “it is critical to develop empirical metrics that measure the cybersecurity quality of software.”31

___________________

21 D. Lain, T. Jost, S. Matetic, K. Kostiainen, and S. Capkun, 2024, “Content, Nudges and Incentives: A Study on the Effectiveness and Perception of Embedded Phishing Training,” arXiv:2409.01378.

22 L.F. DeKoven, A. Randall, A. Mirian, G. Akiwate, A. Blume, L.K. Saul, A. Schulman, G.M. Voelker, and S. Savage, 2022, “Measuring Safety Practices,” Communications of the ACM 65(9):93–102.

23 C. Thompson and D. Wagner, 2017, “A Large-Scale Study of Modern Code Review and Security in Open Source Projects,” PROMISE ‘17, November 8, https://people.eecs.berkeley.edu/~daw/papers/coderev-promise17.pdf.

24 The 1995 Infosec Research Council (IRC) Hard Problems is not easily found, but the problems themselves are available in Appendix A, “Retrospective on the Original Hard Problem List,” of the 2005 Hard Problem List report. See IRC, 2005, Hard Problem List, November, https://www.nitrd.gov/documents/cybersecurity/documents/IRC_Hard_Problem_List.pdf.

25 National Research Council, 2002, Cybersecurity Today and Tomorrow: Pay Now or Pay Later, National Academy Press, https://doi.org/10.17226/10274.

26 Computing Research Association, 2003, “Four Grand Challenges in Trustworthy Computing,” https://archive.cra.org/Activities/grand.challenges/security/grayslides.pdf.

27 President’s Information Technology Advisory Committee, 2005, Cyber Security: A Crisis of Prioritization, National Coordination Office for Information Technology Research and Development, February, https://www.nitrd.gov/pubs/pitac/pitac_report_cybersecurity_2005.pdf.

28 IRC, 2005, Hard Problem List.

29 IRC, 2005, Hard Problem List, p. 56.

30 D. Maughan, 2006, “Infosec Research Council Hard Problem Lists,” Department of Homeland Security, Science and Technology Directorate, January 26.

31 ONCD, 2024, Back to the Building Blocks: A Path Toward Secure and Measurable Software, The White House, February, https://bidenwhitehouse.archives.gov/wp-content/uploads/2024/02/Final-ONCD-Technical-Report.pdf, p. 11.

Given the clear need, why, then, has there been such limited progress in cybersecurity while other fields, such as medicine, have been able to incorporate empirical data to great success?

The traditional refrain, well described in Herley and van Oorschot’s overview paper on the “science of security,”32 is a triumvirate of problems that describe the “unique challenge” in measuring cybersecurity.

  • Adaptive intelligent adversaries. This concern is, by far, the most common—the fact that the scope of adversarial behavior cannot be empirically accounted for in measurements of systems. An adaptive adversary, by definition, can change their method of attack—either in response to changes in the system itself, or changes in attacker motivation, knowledge, or investment. Thus, evidence concerning the cybersecurity of a system at a point in time may fail to predict changed outcomes driven by an attacker’s new behavior or abilities.
  • Lack of fundamental laws. Unlike the invariant natural laws of physics, cybersecurity is a moving target—“too entwined with human behavior and engineered systems to have universal laws.”33 Thus, it is believed that few aspects of system behavior extracted from empirical observation can be effectively generalized into firm rules that may be counted on for future decision making.
  • Dynamic artifacts. The modern computing environment is constantly changing, as are the behaviors and modes of use of its users. Thus, at best, one can obtain evidence for cybersecurity questions at a point in time, but the relevance of those answers will be of unknown length.

While these challenges are real, none seem fundamentally at odds with the notion of empiricism or the scientific method. Indeed, a range of other disciplines face one or more of these issues and still fruitfully make use of empiricism in practice. The common thread among all three of the problems is dynamism, which occurs in a variety of other disciplines as well. For example, while non-adversarial, insurers’ assumptions about various kinds of property damage risk have been repeatedly updated and revised in response to observations that prior measured likelihood distributions were no longer predictive (e.g., concerning hurricanes or wildfires). Finally, closest to cybersecurity, economists routinely drive policy decisions using empirical tools, despite addressing a system that is, at its core, both adaptive and quasi-adversarial (few would seriously argue that the Federal Reserve would make better decisions if only it ignored empirical data). While each of these settings differs from cybersecurity in key ways, all are also removed from the idealized notion in which measurements can be used to derive static generalizable laws that then offer perfect predictive power. That such empirical analyses may be imperfect or have limited lifetime does not eliminate their value—for the alternative is to act without the benefit of concrete evidence at all.

___________________

32 C. Herley and P.C. van Oorschot, 2017, “SoK: Science, Security and the Elusive Goal of Security as a Scientific Pursuit,” 2017 IEEE Symposium on Security and Privacy (SP) 99–120, https://oaklandsok.github.io/papers/herley2017.pdf.

33 D. Evans and S. Stolfo, 2011, “Guest Editors’ Introduction: The Science of Security,” IEEE Security & Privacy 2011(9):16–17, https://www.computer.org/csdl/magazine/sp/2011/03/msp2011030016/13rRUwh80sR.

In the late 20th century, portions of the medical community popularized evidence-based medicine (EBM) to incorporate a range of empirical evidence to guide research and ultimately update practice guidelines with the singular goal of improving clinical outcomes. Firmly embedded in the scientific method, EBM fostered hypothesis generation from laboratory and qualitative studies, building into both prospective and retrospective case studies, then driving repeated randomized controlled trials of prospective treatments, with the results filtered through comprehensive meta-analysis. There is little debate that this effort has been transformative for the practice of medicine. While this precise formulation is unlikely to translate directly to the cybersecurity realm, a similar kind of focus and investment to pursue outcome-focused results is needed.

However, there is a range of obstacles that will need to be addressed to make progress, including the following:

  • Data collection. Evidence-based methods live or die based on the availability of evidence. Some kinds of analyses can be done in synthetic controlled settings, but much work requires in situ longitudinal data collection. Unfortunately, few organizations are organized around security-relevant data collection, and incentives—both due to privacy and liability—support holding such data closely. While it is straightforward to estimate how many Americans died of heart disease last year and their associated demographics, it is much harder to measure how many servers were compromised in each market sector, how many passwords were stolen from accounts in a position of authority, or the kind and number of new software vulnerabilities that were found and fixed and whether they were implicated in critical infrastructure (viz. Shostack’s Cyber Public Health34). There are legal, operational, ethical, and economic aspects to this problem. How should such data collection be incentivized? What protections should exist for collectors, and how should the privacy interests of individuals implicated in the data be ensured? How might the use of such data be limited to improving cybersecurity? These are not simple challenges, and they implicate roles for the government, the private sector, and civil society. Improved cybersecurity data collection is not a problem that will be fixed in any single place, but it is “table stakes” for any significant progress.

___________________

34 CyberGreen, “Indirect Cost Policy,” https://cybergreen.net/technical-report-22-01/in, accessed February 6, 2025.

  • Broadening analysis. There is a tendency of cybersecurity discussions to focus on concrete artifacts—products and services. These are clearly important in any assessment, but that focus cannot come at the expense of understanding what happens after such artifacts are fielded, and the processes and behaviors around how these artifacts are deployed and used. It is well understood, for example, that system misconfiguration—how a system is specialized for the environment in which it is operating—is as much of a security problem in practice as vulnerabilities in the underlying software systems. Similarly, most data breaches implicate some amount of social engineering (e.g., via phishing).35 Systems are routinely developed to enforce a range of potential security policies, but there is only the most cursory understanding of what policies end up defined in practice, how and why they fail to capture the true security risks in their systems, and what solutions might better bridge gaps in IT staff knowledge and organizational behavior. As security is a holistic property, these inconvenient and hard-to-analyze realities cannot be ignored—from system administration to user training—and these are particularly places where empirical assessment will be critical.
  • Cultural change. The computing community has been slow in embracing empirical and experimental methods as an approach for reasoning about cybersecurity. The core of computer science has traditionally been mathematical and mechanistic, and there can be a cultural tendency to strongly prefer solutions of that flavor. Indeed, when appropriate, such formal approaches are highly desirable as they can offer qualitatively comprehensive answers to scoped problems. Writing code in a language with a memory-safe type system (particularly one whose implementation and underlying runtime interface have been subject to adversarial empirical scrutiny) will generally be preferable to empirical studies about the past probability of memory errors in an unsafe language being detectable. However, outside of crisp properties such as memory safety, complex systems swiftly enter realms that are very much human-driven and with large numbers of hidden variables. This will require both the training of technologists in such methods and a cultural shift to recognize that such statistical deconstructive approaches (describing reality) are valuable and necessary complements to traditional strengths in more formal constructive ways of reasoning (defining reality).

___________________

35 Verizon, 2024, “2024 Data Breach Investigations Report,” https://www.verizon.com/business/resources/reports/2024-dbir-data-breach-investigations-report.pdf.

Despite these roadblocks, there has been considerable innovation in the “evidence-based security” space since the last version of this report. Among the approaches that have borne fruit are the following:

  • Opportunistic use of available data. A community of researchers has been slowly building empirical analysis based on what data can be publicly gleaned. For example, open-source software revision control data, combined with bug databases and public repositories of vulnerabilities and exploits, have been used to identify a number of correlates of software vulnerability introduction, the efficacy of vulnerability-finding techniques such as fuzz testing, and the varied impact of “bug bounty” programs. Similarly, widespread active network scanning—enabled by tools such as zmap—and public breach reporting requirements have allowed correlating publicly visible security features with data breach outcomes.36 The combination of “hard” (i.e., measurements) and “soft” (i.e., surveys) data is starting to emerge, helping unravel thorny questions about the role of human behavior in security outcomes.
  • Outcome proxies. Absent the ability to measure the impact of a security intervention directly, some research has explored the use of outcome proxies that capture some notion of adversarial hardness. For example, researchers have used the “underground price” of various criminal commodities and services to gauge the value of security interventions,37 bulk shutdown of compromised accounts,38 phone verification for account creation,39 and account compromise.40 The theory is that defenses that increase costs for attackers who offer their services at retail will naturally translate to an increase in their asking prices. In the same vein, others have offered bug bounty prices (both first party and from third parties such as Zerodium) as a metric to infer how hard it is to exploit particular popular platforms.
  • Second-order measurements. Absent the ability to concretely measure security outcomes, a parallel line of work has focused on empirical assessments of qualities that hopefully correlate with actual security outcomes. These include approaches such as process measurement,41 relative measures of attack surface reduction,42 or comparative analysis of bug-finding tools (e.g., fuzzers) on software corpora, as well as exploring the efficacy of transparency approaches such as a software bill of materials (SBOM).

___________________

36 USENIX, 2015, “24th USENIX Security Symposium,” August 12–14, https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/liu.

37 A. Searles, Y. Nakatsuka, E. Ozturk, A. Paverd, G. Tsudik, and A. Enkoji, 2023, “An Empirical Study & Evaluation of Modern CAPTCHAs,” pp. 3081–3097 in 32nd USENIX Security Symposium, https://www.usenix.org/conference/usenixsecurity23/presentation/searles.

38 K. Thomas, D. McCoy, C. Grier, A. Kolcz, and V. Paxson, 2013, “Trafficking Fraudulent Accounts: The Role of the Underground Market in Twitter Spam and Abuse,” 22nd USENIX Security Symposium, August 14–16, https://www.usenix.org/conference/usenixsecurity13/technical-sessions/paper/thomas.

39 Computer and Communications Security, 2014, CCS ‘14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Association for Computing Machinery.

40 A. Mirian, J. DeBlasio, S. Savage, G.M. Voelker, and K. Thomas, 2019, “Hack for Hire: Exploring the Emerging Market for Account Hijacking,” pp. 1279–1289 in WWW ‘19: The World Wide Web Conference, May 13, arianamirian.com/docs/www2019_hfh.pdf.

  • Attackers and victims. Multiple past and ongoing efforts have empirically explored concrete threat actors in great depth—for example, identifying attackers driven by social and financial reasons, or sponsored by nation states. Similarly, studies of victims and of the effectiveness of training, guidance, and nudges in reducing the likelihood of negative outcomes have led to significant improvements in major services.

Finally, one highly-desired manifestation of evidence-based security is the establishment of security metrics—parsimonious measures allowing the evaluation and/or comparison of the security offered by a particular system. The kinds of data that will be needed for an empirically based security research agenda are clearly amenable to being shaped into metrics. However, what makes metrics attractive is that they abstract and simplify. One can easily use metrics as a decision criterion for whether an organization has improved or not, whether vendor A or vendor B is more secure, or as defense against liability. However, this same attractiveness creates strong incentives for standardization and can create institutional inertia that makes it difficult to change or react when the context in which the metrics were measured has changed. Even worse, failures in analysis or validation might elevate “bad” metrics, which ultimately incentivize less secure decisions. The same result can come from the incentive to “game” good metrics. Thus, it is critical to also consider how to deliver evidence-based security research, without enabling the most negative aspects of institutional desires for cheap decision making.

Many security metrics, from “speed to patch” to the collection of end user agent parameters, have been developed. However, there is no basis for believing any set of existing metrics provides an accurate prediction of safety or a root-cause analysis of previous losses.

While there is some research on software developers’ ability to produce secure software, this research seems to have had little impact on actual software development tools and processes. Secure development life-cycle practices and the tools that support them have largely come from industry and often have their own usability challenges.

___________________

41 Cybersecurity and Infrastructure Security Agency (CISA), 2016, “Alert: OpenSSL ‘Heartbleed’ Vulnerability (CVE-2014-0160),” October 5, https://www.cisa.gov/news-events/alerts/2014/04/08/openssl-heartbleed-vulnerability-cve-2014-0160.

42 GitHub, “AttackSurfaceAnalyzer,” Microsoft, https://github.com/microsoft/AttackSurfaceAnalyzer/pulls, accessed February 6, 2025.

Some training to help software developers produce more secure software can produce recommendations that seem on the surface impractical.

The inability to develop compact, predictive, measurable security metrics informs and affects essentially all of the consumer cyber hard problems.

Secure Resilient Engineering and Formal Methods for High Assurance

Many of the traditional problems of “secure design and composition,” described in detail above, include careful specification, isolation, and partitioning of functionality—following the principle of “least privilege” by authenticating the principal on whose behalf actions are taken and verifying their “right” to take such an action (the basis for “zero trust”). There are also emerging technologies, such as “confidential computing,” which provides a strong, principled basis for authentication of programs (an important security principle) to establish a principled, distributed basis for partitioning, isolation, and trust management. Several “producer technologies” for achieving secure resilient design and composition are discussed below.

There is a wide diversity of engineering interventions, ranging from selecting safer programming languages such as Rust and TypeScript to making architectural choices that enhance the potential for resilient response to compromise. As noted above in this chapter, one of the most vexing cyber hard problems in cybersecurity is measurement. Measurement difficulties thwart progress, not just in implementing secure engineering practices but also in understanding trade-offs when there are choices to be made regarding which practices to adopt.

For example, how much benefit is to be obtained from using a safer programming language, and how does this compare, say, with using improved analysis tools? There may be trade-offs that involve traditional software engineering criteria—for example, how does architecting to reduce interdependency among components of a large system interact with choices to implement a design that limits trust assumptions among system components when they interact (in the same sense as zero trust, but at an internal implementation level)?

Further exacerbating this challenge is a set of enduring perceptions that engineering efforts that are directed at enhancing security and resilience have an uncertain return on investment.

When successful, however, secure engineering practice can have significant—and otherwise unattainable—benefits in reducing many aspects of cyber risk. Indeed, while it may be challenging to characterize the role of specific development or design practices, there is a range of proxies suggesting that “zero-day” exploits for commodity smart-phone and server platforms have become harder to procure over time, as evidenced by their increasing market price and owing to the increasing length and complexity of exploit chains needed. Moreover, there are cases where secure engineering practice leads not only to improved risk posture but also improved productivity and, in some instances, enhanced system performance. It is reported, for example, that many users of memory-safe programming languages (e.g., Rust and TypeScript) make the adoption choice in the interests of productivity, with secondary consideration for the harder-to-measure security benefits. This means that, even if the security benefits cannot readily be measured, the adoption of improved practices based on concomitant benefits to productivity and performance can nonetheless be promoted.

There are many examples of guidance regarding secure engineering from firms, laboratories, and government agencies, including the National Security Agency, the Cybersecurity and Infrastructure Security Agency, and ONCD. Most recently, for example, ONCD issued advice regarding secure practices with a focus on memory safety and formal methods43 in the face of the paucity of cybersecurity metrics. Historically, the Microsoft Security Development Lifecycle (SDLC), which includes a mix of interventions and practices focused on process and product, has had broad adoption and, as perceived by engineering managers, meaningful benefits.44 Much of the guidance focuses on practices and processes that are associated with improved security outcomes. An example is “secure coding practice,” which involves making coding choices that reduce vulnerabilities, as demonstrated through techniques such as fuzz testing.45

Logic Flaws and the Need for Mathematical Techniques

Many security-related weaknesses and vulnerabilities go beyond simple coding practices and derive from the logical structure of software and firmware. These flaws can range from protocol and API misuse to erroneous business rules. These are logic flaws. The focus of logic flaw problems is not on the full scope of secure engineering practices, but rather on means to achieve verifiable assurances regarding the absence of certain categories of vulnerabilities that go beyond type safety and memory safety. This report focuses on logic flaws for two reasons. First, there is increasingly broad adoption of “traditional” secure engineering practices such as SDLC (and as assessed through instruments such as BSIMM).46 Second, logic flaws account for an increasing percentage of exploits,47,48 and these flaws are not readily detected using current techniques. The usual means to detect and mitigate logic flaws is through inspection and testing. But it is well understood that these methods are imperfect.

___________________

43 ONCD, 2024, Back to the Building Blocks.

44 Microsoft, “Microsoft Security Development Lifecycle (SDL),” https://www.microsoft.com/en-us/securityengineering/sdl, accessed February 6, 2025.

45 OWASP Foundation, “Secure Coding Practices,” https://owasp.org/www-project-secure-coding-practices-quick-reference-guide/stable-en/02-checklist/05-checklist, accessed February 6, 2025.

46 BlackDuck, “What Is BSIMM?” https://www.blackduck.com/glossary/what-is-bsimm.html, accessed February 6, 2025.

47 OWASP, “Top Ten,” https://owasp.org/www-project-top-ten, accessed March 25, 2025.

48 S. McClure, 2024, “Safeguarding from Lurking Threats in Business Logic Flaws,” Fast Company, January, https://www.fastcompany.com/91013667/safeguarding-from-lurking-threats-in-business-logic-flaws.

There is an unhappily rich collection of security attributes, as revealed in the several taxonomies that are widely referenced (e.g., CIA,49 STRIDE,50 MITRE ATT&CK). Mathematical techniques can be used to address some of these, at different levels of complexity and scale. However, some attributes cannot currently be readily modeled mathematically. These include side-channel attacks. An example familiar to security researchers is cryptographic algorithms, which are mathematically correct and whose implementation is proved consistent with the algorithms, but whose implementations on actual physical processors create vulnerabilities based on the physics of the operation of the processors, such as power fluctuations, RF emissions, and timing of executions.

Process compliance, in many cases, is seen as more affordable to achieve than actual measurable security. Although sometimes useful,51 compliance is expensive, subject to manipulation by “well-resourced” organizations, and it delays innovation and is not really very effective, generally, in “guaranteeing” security.

Formal methods (FM), in contrast, are direct techniques, focused on the operation of a product rather than on adherence to processes in the creation of that product. These techniques, including verification and program analysis for various functional and quality attributes, have a long history, going back at least to the 1960s with work by Robert Floyd and later Tony Hoare. For many years, the principal uses were in critical applications such as commercial flight controls, embedded medical devices, and national security applications. In the past 5 years, however, the scope of application has broadened significantly to include many commercial uses. Some evidence of this is cited in the Networking and Information Technology Research and Development publication regarding the FM@Scale workshops,52 where several at-scale commercial uses are highlighted. These use cases suggest the possibility that barriers of affordability, scale, usability, and integration can be overcome for a broader range of applications, with significant benefits not just to reducing important categories of vulnerabilities but also in providing evidence in support of cybersecurity risk assessment and certification. These successes depend on our ability to express models, including specifications, for quality attributes relevant to security. Improving the scope, expressiveness, and ease of use of modeling can significantly reduce the cycle of information loss and recovery that typically occurs, with great cost, as systems evolve over time. Information loss of this kind creates challenges for test and evaluation as well as for sustainment and evolution. It is one of the chief contributors to technical debt.53

___________________

49 CIA refers to confidentiality, integrity, availability.

50 STRIDE refers to spoofing, tampering, repudiation, information disclosure, denial of service, elevation of privilege.

51 The National Information Assurance Partnership (NIAP) Common Criteria, for example, can involve deep analysis of design artifacts and some sampling of code in an evaluated system. See NIAP, “Common Criteria: IT Security Evaluation,” https://www.nsa.gov/Portals/75/documents/resources/everyone/2023-02-NIAP_brochure_trifold_1.pdf, accessed February 6, 2025.

52 R.W. Floyd, 1967, “Assigning Meanings to Programs,” pp. 19–32 in Proceedings of Symposium on Applied Mathematics (19): Mathematical Aspects of Computer Science, J.T. Schwartz, ed., American Mathematical Society.

An additional enabler, already in place, for maintaining continuity, enabling agility, and minimizing information loss across the full life cycle of software-based systems is the Software Acquisition Pathway. The benefits were reinforced in a recent memo from the Secretary of Defense.54,55

The following three examples illustrate the various ways that these barriers are now being overcome:

  • Defense Advanced Research Projects Agency’s (DARPA’s) High Assurance Cyber Military Systems program, circa 2012–2017 (and recently awarded a DARPA Game Changer Award), undertook case study exercises to assess and demonstrate the potential applications of FM techniques to mid-sized complex systems, including unmanned aerial vehicles. The approach to scaling is significant: Judicious choices regarding systems architecture and software infrastructure enabled a narrowing of focus in use of FM to a relatively small portion of the system, including the underlying operating system, seL4, and adherence to the key coupling constraints imposed by the systems architecture.56,57
  • One of the most significant FM interventions is the use of types—and more recently memory-safety features—in programming languages. Type declarations form a specification, and type checking verifies that the software is consistent with the declarations. The declarations are just another element of the language specification, and the type-checking algorithms, which are mathematically complex, are integrated into the compiler. Adding to the ease of use is type inference, where types can be determined algorithmically, enabling specifications to be largely omitted. The mathematical analysis, nearly fully invisible to users, can eliminate entire classes of vulnerabilities related to consistency of interpretation of low-level representations and, with languages such as Rust, related to the safe mutation of shared data.58

___________________

53 CISA, 2025, “Closing the Software Understanding Gap,” January 16, https://www.cisa.gov/resources-tools/resources/closing-software-understanding-gap.

54 DoD, 2025, “Directing Modern Software Acquisition to Maximize Lethality,” Memorandum for Senior Pentagon Leadership Commanders of Combatant Commands Defense Agency and DoD Field Directors, from the Secretary of Defense, March 6, https://media.defense.gov/2025/Mar/07/2003662943/-1/-1/1/DIRECTING-MODERN-SOFTWARE-ACQUISITION-TO-MAXIMIZE-LETHALITY.pdf.

55 DoD, 2020, “Operation of the Software Acquisition Pathway,” DoD Instruction 5000.87, October 2, https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodi/500087p.pdf.

56 Defense Advanced Research Projects Agency (DARPA), “HACMS: High-Assurance Cyber Military Systems,” https://www.darpa.mil/program/high-assurance-cyber-military-systems, accessed February 6, 2025.

57 A. Miller, “HACMS,” GALOIS, https://galois.com/project/hacms-high-assurance-cyber-military-systems, accessed February 6, 2025.

  • The Amazon Web Services (AWS) cloud service is a highly complex distributed system that could manifest diverse errors related to concurrency. One of the challenges of concurrency is that errors are intermittent and at a potentially low rate. This means that testing is unlikely to find the contributing faults in the code, but that at-scale execution in a distributed cloud could nonetheless manifest errors at high frequency. Using TLA+, AWS engineers have been able to find subtle design bugs and then, on repair, prove absence of similar design bugs.59 There are many other applications. One example is the use of FM to support verification and querying of AWS security access policy implementations using satisfiability modulo theories (SMT) provers; the provers run billions of times each day to support this verification.60,61

It is evident that there is progress in FM and that barriers to its use can be overcome in specific cases, including usability, scale and composition, and integration into engineering workflows. These examples are illustrative, but there are significant barriers.62 The recent ONCD report highlights two areas—software and hardware memory safety, such as provided through Rust and similar languages, and FM to support affirmative claims—backed by evidence—regarding particular security properties.63

Solving these problems, and applying and further developing these techniques, acutely influences hard problems 1, 2, and 3, and also 8, 9, and 10.
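The AWS example above turns on exhaustive exploration of a design rather than testing of sampled executions. The following added example (not code from the report or from AWS) shows the idea in miniature: a small explicit-state checker in Python, standing in for TLA+ tooling, explores every interleaving of a constructed two-worker counter design, returns the schedule that loses an update, and then verifies the lock-protected repair over all reachable states. The worker model, state layout, and function names are assumptions made for the illustration.

```python
"""Exhaustive interleaving check of a shared-counter design (constructed model)."""
from collections import deque

WORKERS = 2  # hypothetical design: each worker increments the counter once


def steps(state, locked):
    """Yield (label, next_state) for every worker step enabled in `state`."""
    counter, lock, procs = state
    for i, (pc, tmp) in enumerate(procs):
        if pc == "acquire":
            if lock is not None:
                continue  # blocked until the holder releases the lock
            new = (counter, i, ("read", tmp))
        elif pc == "read":  # copy the shared counter into a local
            new = (counter, lock, ("write", counter))
        elif pc == "write":  # write back local + 1 (not atomic with the read)
            new = (tmp + 1, lock, ("release" if locked else "done", tmp))
        elif pc == "release":
            new = (counter, None, ("done", tmp))
        else:
            continue  # this worker has finished
        c, holder, proc = new
        yield f"w{i}:{pc}", (c, holder, procs[:i] + (proc,) + procs[i + 1:])


def trace_to(parent, state):
    """Rebuild the step labels leading from the initial state to `state`."""
    labels = []
    while parent[state] is not None:
        state, label = parent[state]
        labels.append(label)
    return labels[::-1]


def check(locked):
    """Breadth-first search of all reachable states of the design.

    Invariants: no deadlock, and once every worker is done the counter
    equals WORKERS. Returns a dict with the verdict, the number of states
    visited, and the shortest counterexample trace if one exists.
    """
    first_pc = "acquire" if locked else "read"
    init = (0, None, tuple((first_pc, 0) for _ in range(WORKERS)))
    parent = {init: None}
    queue = deque([init])
    while queue:
        state = queue.popleft()
        counter, _, procs = state
        finished = all(pc == "done" for pc, _ in procs)
        successors = list(steps(state, locked))
        violation = None
        if finished and counter != WORKERS:
            violation = "lost update"
        elif not finished and not successors:
            violation = "deadlock"
        if violation:
            return {"ok": False, "violation": violation,
                    "states": len(parent), "trace": trace_to(parent, state)}
        for label, nxt in successors:
            if nxt not in parent:
                parent[nxt] = (state, label)
                queue.append(nxt)
    return {"ok": True, "violation": None, "states": len(parent), "trace": None}


if __name__ == "__main__":
    for locked in (False, True):
        result = check(locked)
        name = "lock-protected" if locked else "unprotected"
        print(f"{name}: ok={result['ok']} states={result['states']}")
        if result["trace"]:
            print("  counterexample:", " -> ".join(result["trace"]))
```

The guarantee covers only the modeled design and the bound chosen here (two workers, one increment each), which is the usual limit of a model-checking result.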

Cyber-Physical Systems

A recent President’s Council of Advisors on Science and Technology (PCAST) report64 drew attention to critical CPS (which they call “operational technology systems”). These systems include the “integrated digital and physical resources that are crucial to Americans’ daily lives, including the electrical grid, public water systems, internet and telecommunications, air traffic control and much more.” IoT and automated manufacturing systems that incorporate sensors or actuators, and indeed any CPS, can be included in this category as well. The PCAST report goes on to note:

Cyber-physical risk is high, while protections are disproportionately low. America’s infrastructure systems were created and operated long before they acquired cyber dependencies, with sensing, computing, and networking dependencies developing in different ways over time. There is no systemic, pervasive protection against cyber risk since our protections evolved over time.65

___________________

58 C. Thompson, 2023, “How Rust Went from a Side Project to the World’s Most-Loved Programming Language,” MIT Technology Review, February 14, https://www.technologyreview.com/2023/02/14/1067869/rust-worlds-fastest-growing-programming-language.

59 L. Lamport, 2024, “The TLA+ Home Page,” August 13, https://lamport.azurewebsites.net/tla/tla.html.

60 Amazon Web Services, “Provable Security Resources,” Cloud Security, https://aws.amazon.com/security/provable-security/resources, accessed February 6, 2025.

61 N. Rungta, 2022, “A Billion SMT Queries a Day,” Amazon Science, https://www.amazon.science/blog/a-billion-smt-queries-a-day.

62 P. Lincoln, W. Scherlis, and W. Martin, 2022, Formal Methods at Scale: 2019 Workshops Report, Computing-Enabled Networked Physical Systems Interagency Working Group, May, https://www.nitrd.gov/pubs/Formal-Methods-at-Scale-Workshops-Report.pdf.

63 ONCD, 2024, Back to the Building Blocks.

64 President’s Council of Advisors on Science and Technology (PCAST), 2024, Strategy for Cyber-Physical Resilience: Fortifying Our Critical Infrastructure for a Digital World, Executive Office of the President, February, https://bidenwhitehouse.archives.gov/wp-content/uploads/2024/02/PCAST_Cyber-Physical-Resilience-Report_Feb2024.pdf.

CPS (e.g., a car, a laboratory instrument, or a medical device in a doctor’s office) may have very long lifetimes. Future systems have to be shaped by cyber-informed engineering. Much of the technology that underpins cyber systems and CPS was engineered without appropriate consideration of security needs. Security and resilience elements are tacked on after systems are deployed, often imperfectly and at considerable expense.

As observed above, many CPS security practices lag far behind those of IT systems. These systems use old software versions and are often not upgraded, they are not managed under user policy, and there is seldom support for critical hardware features like “root of trust” nodes. Finally, they are especially vulnerable since they are exposed to physical attacks in addition to network-based attacks.

This is cyber hard problem 8, but it is affected by almost all the other “producer” cyber hard problems, including problem 10 (operational security).

OPERATIONAL CYBER HARD PROBLEMS

Operational cyber hard problems address securely operating infrastructure at scale, including responding to attacks. This is cyber hard problem 10. Earlier discussion has already described the importance of continuous updating, resilient deployment and operations, monitoring, and situational awareness. These are the core elements of resilient secure operation, and large cloud providers have made great progress in this area. However, customer insight into the effectiveness of already introduced measures is modest, and small providers as well as “in house operations” often suffer in comparison to the effectiveness of the operational security of a large cloud provider. This includes the operational infrastructure of CPS.

___________________

65 PCAST, 2024, Strategy for Cyber-Physical Resilience, p. 12.

Understanding Human Attributes of Attackers

It is important to acknowledge that there are human attackers who make decisions and can be influenced to defenders’ advantage. These attackers have a profound influence on the secure operation of a cyber system.

For much of the history of cybersecurity, defenders have thought about attackers as an abstract and homogenous group. This meant that defenses were applied to technical attributes of attacks, such as techniques and tools, rather than through understanding the humans behind the attacks. Maturing threat models identifying threat groups can differentiate capabilities, objectives, and likely victims. A cyber hard problem, however, remains incorporating insights about the human attributes of attackers to create tailored defenses.

Attackers routinely exploit the human weaknesses of their victims; however, defenders lack sufficient insights to effectively incorporate human factors into defense. Historically, deception, such as honeypots, has been used to manipulate attackers to gain intelligence, but these techniques are neither widespread nor generally evaluated for effectiveness. In addition, it is difficult to persuade engineering organizations, which are mainly rewarded for adding new features, to work on adversarial engineering projects. Recent research on adversarial human factors is starting to identify and analyze the human attributes of attackers. More research funding is needed. Industry partnership will likely be critical for developing commercial defensive capabilities that apply adversary human factors. Together, industry and the research community have to develop metrics for evaluating the effectiveness of the approach.

Understanding the human attributes of attackers is crucial for several reasons. Primarily, it allows for more sophisticated and targeted defense mechanisms that go beyond merely blocking attacks or deactivating users to anticipating and mitigating them. This knowledge can significantly improve the ability to prevent breaches and reduce the impact of successful attacks. Governments, businesses, and individuals all have a stake in this issue because the consequences of cyberattacks can range from financial loss and reputational damage to national security threats. By understanding the motivations, psychological traits, economic incentives, and behavioral patterns of attackers, defenders can craft strategies that are more likely to deter or disrupt malicious activities.

The complexity of this problem lies in the inherent variability and adaptability of human behavior. Attackers come from diverse backgrounds, possess different skill levels, and are driven by a range of motives, including financial gain, political activism, espionage, or personal vendettas. The dynamic nature of human attributes makes it challenging to create a one-size-fits-all defense. Moreover, ethical and privacy considerations must be balanced when researching and using human factors in cybersecurity.

Lawyers taking a position that even attackers have privacy rights limits defender access to their internal communications and communication with fraud victims. The incentives for attackers are high and constantly evolving, while defenders often face significant resource constraints and organizational inertia, making it difficult to implement and adapt new strategies to increase the cost seen by attackers.

Potential approaches to this problem include interdisciplinary research that combines insights from psychology, sociology, and behavioral economics with cybersecurity. Developing comprehensive attacker profiles and predictive models can help in understanding likely behaviors and vulnerabilities. Simulation and gaming techniques can be employed to study attacker behavior in controlled environments. Additionally, leveraging machine learning (ML) and AI to analyze patterns in large data sets can provide deeper insights into attacker traits and tactics. Collaboration between academia, industry, and government will be essential to foster innovation and translate research findings into practical applications. Note, however, that attackers will be increasingly autonomous (bots) and will also employ AI to probe systems and people.

Key players who can act include cybersecurity researchers, defense agencies, technology companies, and policy makers. Cybersecurity firms and tech companies can incorporate human factors insights into their security products and services. Governments can fund research initiatives and create frameworks that encourage information sharing and collaboration. Policy makers can help by enacting regulations that support ethical research, while researchers can make progress in blinding and masking personal information to make it less easy to reidentify, to protect individual privacy. Education and training programs for cybersecurity professionals need to also emphasize the importance of understanding attacker psychology and behavior.

Success in this endeavor can be measured through several indicators. A reduction in the frequency and severity of successful cyberattacks would be a primary indicator. Improved response times and more effective mitigation strategies in the face of attacks would also signify progress. An increase in the cost of credentials or breach data offered on dark markets would be a direct observable measure of success. Additionally, the development and widespread adoption of new defense technologies and methodologies that incorporate human attributes of attackers would demonstrate advancement in this field. Regular assessments and refinements based on real-world data and feedback will be necessary to ensure the ongoing effectiveness of these approaches.

This informs cyber hard problem 10.

Personal and Societal Impacts in Design and Operation

There are few tools or techniques to predict how cyber systems may be used in the future, especially as it relates to unforeseen use that can threaten an individual’s security, the security of an organization, or the nation. Attacks that seem to have been largely unforeseen in the past include doxing, stalkers transitioning to the digital domain, false reporting to cause account deactivation, and disinformation and influence operations that aim to attack democratic processes.

The legacy of online anonymity, including the ease of creation of opaque personas in different forums, facilitates not just free speech but also an important category of adversarial information operations, the use of bots, artificial amplification of adverse memes, and impersonation of individuals and organizations. In certain online contexts, by contrast, identity has to be firmly established, such as for banking, health records access, and business process execution.

The challenge is to identify multifaceted approaches to identity that could thwart the adversarial behaviors that depend on lack of provenance while nonetheless supporting the many contexts where it is needed, including free speech and augmenting protections of the identity of victims and potential targets of abuse and attack (e.g., human rights workers).

Anonymity also facilitates socially destructive behaviors such as stalking, bullying, sexual harassment, and doxing (piercing the veil of the privacy of other people). What are technical approaches or potential remedies that do not require abandoning the free-speech benefits of anonymity?

Human-Centered Design of All Human-in-the-Loop Security-Related Interactions

Computer users are called on to make decisions and choices with cybersecurity consequences that they do not have sufficient knowledge and resources to make accurately or securely.

Decisions and choices may be explicit or implicit. Users may be using their own computer or a computer owned by their organization. They may be acting as an individual or as a member of an organization, such as an employee or even an administrator. They may be using special purpose tools as experts in a particular discipline (i.e., code development or threat hunting). The resources they lack to address the decisions thrust upon them, some of which may be irrevocable, are legion—information, knowledge, understanding, context, time, memory, attention, desire, and incentive.

The Verizon 2024 Data Breach Investigations Report66 calls out that approximately two-thirds of breaches involve a (non-malicious) human element. This reflects the tendency, as noted in the IAM discussion above, for all sorts of cyber products to “kick the can down the road” to required human decision making, when the humans involved do not have sufficient resources to do so. In the IAM case above, what is lacking is transparency into the system and an understanding of the system’s complexity, which seems obviously like a too-heavy lift to require of a user.

___________________

66 Verizon, 2024, 2024 Data Breach Investigations Report.

Even in the most straightforward context, research on expert advice about what security practices users, as consumers, need to follow shows that experts do not agree on which practices are most important.67 The amount of expert advice is overwhelming and not necessarily coherent.

The responsibility for users to make impossible security decisions creates vulnerabilities that attackers discover and exploit using social engineering. The security impact from such attacks may be to the users themselves, their computers, their organization, or to the Internet at large. The unmet expectations placed on users deteriorate presumed protection levels (which may go undiscovered until it is too late). This can contribute to a state of habituation, or worse, learned-helplessness, for users—Why follow the security advice if I am not able to do it all, or even know which matters?

Testing with appropriately representative users is both expensive and difficult. There are no tools, frameworks, principles, or automation to do the required testing without humans in an adequate and rigorous fashion. There are still gaps between the best-of-breed testing methodologies in research and what’s available to testers, who are often entry-level employees.

While the techniques for testing are largely known, choice of testing subject needs to consider the user’s skills, knowledge, and context. Since those vary, testing needs to include a range of such subjects. In addition, because some of the cybersecurity-related decisions may come about from an error in the system, or an attack, the suite of interactions needing testing can be difficult to identify, and difficult to replicate for testing.

When users interact with devices and systems in unmanaged environments (personal use), they acquire ad hoc habits that are ineffective or insecure, and these are difficult to unlearn. Because there is often no discernable difference between effective security advice and ineffective security habits, users become accustomed to ignoring security advice and experiencing no known harms.

Builders may “punt to the user” to make decisions in uncertain design situations, which compounds the issue at hand. This shows up as either warnings presenting choices or new configuration settings, which are often hidden. If these features were used correctly (with omniscience), perhaps security would be improved; however, their usability goes untested.

Security and privacy mechanisms today reflect current knowledge on how to expose and control, which often differs from the user’s cognitive model of the system.

___________________

67 E.M. Redmiles, N. Warford, A. Jayanti, A. Koneru, S. Kross, M. Morales, R. Stevens, and M.L. Mazurek, 2020, “A Comprehensive Quality Evaluation of Security and Privacy Advice on the Web,” Proceedings of the 29th USENIX Security Symposium, August 12–14, https://www.usenix.org/system/files/sec20-redmiles.pdf.

Builders build what they know how to build. Users use what they are given. The resulting gap presents a symmetry of ignorance that must be overcome.68

Helping Security Professionals Help Security

This is part of cyber hard problem 6, “human–system interactions,” and cyber hard problem 2, “secure development.”

Even if human-centered design were addressed, support for human security workers is still insufficient to ensure optimal security outcomes. The workforce is core to cybersecurity in practice, but the necessary support is not in place to help security workers thrive and perform, with education, tools, and processes. This includes workers of all sorts, including developers, designers, architects, IT, and specialists such as security architects, chief security officers, blue teams, content moderators, and fact checkers.

There are two interconnected facets to this problem—inadequate training and the inability to provide cybersecurity without that support. For generalists who are also security workers, the support needed includes training, resources, and incentives baked into the job, not exogenous. Education available to learn to code would teach best practices for coding securely. Specialized security worker education would cover the myriad of topics needed to be a security subject-matter expert—from architecture, to design, to coding security functions, to specialized security testing, to security in deployment and use.69

The issue of inadequate tools and techniques for security workers to develop secure code is addressed in the cyber hard problems above.

The pool of trained security workers is limited, and training in one job can lead to the ability to move to a better paying job, creating an ongoing training need. Jobs that involve operational security vigilance are high pressure and can lead to burnout. Lack of certification means it is impossible to enforce education, training, and standards of professional conduct.

Since the 1996 New Security Paradigms Workshop,70 there has been substantial work, both in research and practice, on usable security and privacy, particularly for individuals and consumers. However, there is less work on the many other humans involved in creating, maintaining, operating, receiving, and even attacking, security and privacy, and how they can be supported, or repelled.

___________________

68 O. Pieczul, S. Foley, and M.E. Zurko, 2017, “Developer-Centered Security and the Symmetry of Ignorance,” Proceedings of the 2017 New Security Paradigms Workshop.

69 As examples, NIST and the SANS Institute have training materials available for all levels from end users to cybersecurity professionals. See NIST, “Free and Low Cost Online Cybersecurity Learning Content,” Applied Cybersecurity Division, https://www.nist.gov/itl/applied-cybersecurity/nice/resources/online-learning-content, accessed February 6, 2025.

70 M.E. Zurko and R.T. Simon, 1996, “User-Centered Security,” New Security Paradigms Workshop, https://www.nspw.org/papers/1996/nspw1996-zurko.pdf.

Research in practical secure deployment is even sparser and tends to focus on individuals, largely overlooking organizational issues. Some research exists on why, how, and when individuals will accept security-related updates. Studies and measurements exist showing the rate of patch deployment. Mistakes are made, and attacks take advantage of those gaps. Research on expert advice about what security practices to follow shows that experts do not agree on which practices are most important.71

Designing for Resilience

Resilience is more difficult to retrofit into existing systems as an afterthought. It requires thoughtful architectural design from the outset, considering factors such as graceful degradation and partitioning of mission-critical functions to minimize the impact of breaches. The goal is for systems to operate securely, albeit in degraded fashion, even when some components are compromised. This attribute is increasingly important as large-scale systems are interconnected into even larger-scale systems, with the larger goal of organizational resilience and the ability to operate essential business functions even when systems are impaired.72

The inherent uncertainty of cyberattacks often leads companies to delay investments despite the broader societal benefits of resilient systems. Therefore, integrating resilience into the initial design phase is far more effective than attempting to retrofit it, highlighting the importance of preparedness and proactive planning. In addition to the benefit of training, resilient design is still a matter of active research, especially regarding measuring the resilience properties of a composed system.

As cyber threats evolve, the need for resilience in maintaining operational continuity becomes increasingly urgent. Resilience is the key to ensuring that vital services, such as health care, finance, and critical infrastructure, can withstand and recover from attacks. This issue is paramount to the broader community, including businesses, consumers, and governmental bodies, as it directly impacts economic stability, public safety, and national security.

Potential approaches to enhancing resilience include both technical and organizational strategies. Again, as mentioned earlier, adopting architectural choices that support resilience in designs, including for distributed systems, as well as architecting for minimal trusted computing bases, can be beneficial. Formal or semi-formal verification of design and implementation can ensure that critical systems meet high standards of resilience.

On an organizational level, fostering a culture of preparedness and operational excellence is essential. This includes thorough risk assessments, continuous improvement of security configurations, and minimizing the “blast radius” of potential attacks by effectively partitioning critical and non-critical functions. Information-sharing models, akin to those used by the Federal Aviation Administration or anti-spam initiatives, can enhance collective resilience by disseminating threat intelligence and best practices across organizations. Finally, preparation requires deliberate practice to ensure that people and plans are effective, agile, and ready to respond to real-world incidents.

___________________

71 E.M. Redmiles, N. Warford, A. Jayanti, A. Koneru, S. Kross, M. Morales, R. Stevens, and M.L. Mazurek, 2020, “A Comprehensive Quality Evaluation of Security and Privacy Advice on the Web,” Proceedings of the 29th USENIX Security Symposium, August 12–14, https://www.usenix.org/system/files/sec20-redmiles.pdf.

72 CISA, “Secure by Design,” https://www.cisa.gov/securebydesign, accessed February 6, 2025.

Advancing resilience is a collective effort that involves multiple stakeholders. Government agencies play a crucial role by setting standards and incentivizing resilient design, while industry groups can contribute by developing and promoting best practices. Companies, especially those operating critical infrastructure, have to make resilience a priority in their design and operational processes. It is important that resilience strategies be practical, scalable, and widely adopted.73

Various indicators can be used to “measure” success in designing for resilience. For example, these include the system’s ability to maintain functionality during attacks, local and network outages and natural disasters, the speed and effectiveness of recovery processes, and the overall reduction in the impact of cyber incidents. Regular testing, simulation of attack scenarios, and continuous improvement based on feedback and threat intelligence will help gauge progress. Ultimately, a resilient cybersecurity posture will not only mitigate the damage from attacks but also instill greater confidence in the security and reliability of all systems.

This addresses cyber hard problems 1, 2, and 3, and also affects problem 10.

Situational Awareness of Defenders

Growing software, system, and network size, complexity, and usage offer attackers increasing opportunities for both successful penetration (i.e., larger attack surface) and the ability to remain undetected and operate within the compromised environment (i.e., larger persistence volume). The former concern is generally addressed through secure system design and implementation, while the latter is addressed by intrusion detection and digital forensics. Although some progress has been made in software and system hardening (at least against certain classes of easier-to-exploit vulnerabilities), it appears that the dwell time of non-ransomware-focused sophisticated attackers remains high,74 despite significant investment in the collection, monitoring, and analysis of security-relevant events. Essentially, the duality of detection and evasion in cybersecurity continues to trend in ways favorable to the sufficiently motivated and well-resourced attacker.

___________________

73 The Global Resilience Federation, a nonprofit, offers framework concepts for operational resilience for business. See Global Resilience Federation, “The Operational Resilience Framework,” https://www.grf.org/orf, accessed February 6, 2025.

74 The committee excludes ransomware because it inherently exhibits a very obvious and “noisy” behavior relatively soon after infection. Examples of more recent, long-dwell threat actors include TRIANGULATION and Volt Typhoon.

As a result, successful defense and remediation requires timely identification and disruption of malicious activities, whether proactively or reactively. The current state of practice relegates defenders to playing “whack-a-mole” while peering through a keyhole, with in-band network management tools that are potentially influenced by the attacker. The current cybersecurity tools and practices are not sufficiently precise to reliably identify the activities of slow-and-stealthy attackers over extended periods of time, nor efficient or fast enough to identify and stop rapid-moving attacks. Furthermore, a lot of emphasis has been placed on exfiltration detection, with significantly less on detecting other types of cyberattacks such as scheduled system-level denial of service.

Several technical factors contribute to confounding the ability of defenders to achieve a sufficient level of situational awareness. These include, but are not limited to, (1) improved threat actor tactics (low “signal”) that increasingly take advantage of native features and resources75 of the targeted environment; (2) high volume of benign system events (high “noise”) as a function of system size and complexity; (3) high volume of low-sophistication attack events (high “background radiation”) that lead to alert fatigue and misprioritization of response resources; (4) more complex and diverse system capabilities that, at least from an observability perspective, partially overlap with attacker capabilities, objectives, and behaviors (e.g., built-in screen recording, system-wide document search); (5) continued reliance on human-driven analysis (threat hunting), with the corresponding limitations on volume and pace of analysis; (6) the inability of analytics to keep up with ever-growing, security-driven telemetry data volumes; and (7) diminishing returns (low “gain”) but high, continuous, fixed cost for any additional type of telemetry collected and used, due to the rich set of pathways attackers can exploit to meet a given objective. Sociotechnical factors that also negatively contribute to the problem include the high cost for security-data storage and processing, the friction of information and data sharing and analysis across intra-organizational boundaries, lack of trained personnel, and (a sometimes real) conflict with other legal, privacy, or regulatory requirements.

No single solution appears sufficiently powerful to fully or substantively address the detection problem on its own. However, with appropriate investment for further scientific investigation, the following practices and technologies could play a positive role in addressing the problem:

  • Software, system, and network partitioning76 and tailored system monitoring can increase observability and improve attack detection, if actually analyzed (and so carefully engineered to avoid data overload). What is needed are solid principles and tools for enabling system architects, implementers, and (critically) administrators to design, build, and manage such deployments.
  • Certain types of system structure are thought to make change detection and anomaly detection easier. For example, it is anecdotally believed that certain types of cloud computing offerings (in particular, software-as-a-service environments) are easier to defend due to the uniformity of the normal behavior of the computing and software infrastructure. Past government-sponsored efforts, such as the DARPA Transparent Computing program,77 explored aspects of system and analytic co-design for observability and cybersecurity reasoning leveraging the concept of determinism. What is needed are further studies, tools, and methodologies supporting data- and metric-driven decisions with respect to designing and implementing complex systems for observability.
  • The application of AI to the problem of information summarization, knowledge extraction, and presentation and interaction—tailored to the problem of situational awareness—offers the potential of reducing the increasing volume of telemetry to concise, contextualized, understandable, and actionable material. Existing work, such as MITRE ATT&CK,78 provides an initial framework for organizing information and knowledge, but further work is needed for determining how best to use AI in this setting.
  • Beyond direct enablement of human analysts, AI could address the problem of high cost and diminishing returns of security telemetry by continuously and dynamically orchestrating, evaluating, and acting on selective telemetry sources in response to updated models of hypothesized attacker activity based on prior observables.
  • The use of AI-driven agents for conducting large-scale red teaming can help with human analyst training; better tuning of detection models; identification of blind spots; and, at a strategic level, going beyond anecdote-driven security practices toward using better global metrics on the effectiveness of the various technologies and approaches in the field.

Most of the above practices and technologies would be significantly aided by the availability of open, high-fidelity, experimental test beds. These would need to go beyond the typical goal of offering representative topologies, systems, and software to include realistic (ideally real) background data and activity sufficient to simulate actual environments and scenarios.

___________________

75 This practice is often referred to as “living off the land.”

76 Such partitioning appears to offer several security benefits, at the potential cost of overall complexity.

77 DARPA, 2014, “Transparent Computing,” https://www.darpa.mil/research/programs/transparent-computing.

78 MITRE, “ATT&CK,” https://attack.mitre.org, accessed February 6, 2025.


The fundamental and second-order metrics for success79 remain relevant and appropriate for evaluating individual technologies and, in some cases, combinations thereof. The primary challenges that need to be addressed are (1) providing higher-quality and unbiased evaluation of these technologies80 that goes beyond sparse, anecdotal empirical testing (e.g., human-driven red teaming) and (2) translating specific-technology in-lab effectiveness measurements to real-world impact. With respect to the latter, when better and consistent metrics of effectiveness become the norm, sharing of system and network security architecture patterns along with measurements would go a long way toward establishing a proper engineering discipline in this space.

Damage Assessment and System Reconstitution

Accurately determining the initial vector and subsequent impact of a cyberattack has always been a time-consuming and difficult task. A complete analysis would identify several actionable aspects of the attack, including the method of compromise; the software, systems, and users through which initial infection occurred; the full set of systems and data accessed, exfiltrated, or modified by the attacker; and any new software introduced, existing software modified, configuration changes made, or upstream and downstream services accessed during the attack—while at the same time filtering out the typically much larger volume of benign, legitimate activities that may be overlapping and interleaved with attacker activities in both time and space (i.e., in the same systems during the same time period). These are necessary for determining how an attacker was able to gain initial access (to prevent reinfection), what data were lost (e.g., to determine what intellectual property or customer personally identifiable information [PII] was stolen), what assets (e.g., critical infrastructure components) were tampered with, whether the attacker has been completely evicted, what latent access vectors an attacker may have introduced (again, to prevent reinfection), and what residual risk must be dealt with (and potentially through what methods). In many cases, the full extent of the damage incurred is often revealed only after significant time has elapsed since the initiation or even the discovery of the attack. Relying on reported extrinsic observables (e.g., reported financial fraud, identified damage on devices, or cyber-physical processes) negates much of the potential for timely intervention and prevention (or at least minimization) of said damage. For high-stakes events, teams of specialist forensic analysts must work manually over several weeks or months to produce an impact assessment. 
In the meantime, critical systems may remain exposed or even knowingly left compromised to avoid service disruption.

___________________

79 An incomplete list includes false-positive rate, false-negative rate, accuracy, precision, recall, mean-time-to-detection, and mean-time-to-remediation.

80 A fundamental limitation in the evaluation of almost all detection technologies remains the determination of false-negative rates.


A related problem is determining the set of actions necessary to restore the integrity and trustworthiness of a system or network (along with the relevant data) after a compromise. To the extent that recovery is driven by damage assessment, there is an obvious dependency. Although one could theoretically imagine a fully agnostic system and network reconstitution (e.g., a full data and system recovery from a combination of full backup and reinstallation), several factors make this impractical at scale. These include critical external dependencies (e.g., credentials for external services), system and business availability constraints, and friction related to legacy or embedded devices (e.g., out of support devices) and failure of parts under stress (e.g., network saturation due to recovery traffic). Perhaps the biggest issue is the uncertainty in how far back to recover from,81 especially as it pertains to data. As software systems become increasingly interdependent in both direct (e.g., cloud-enabled multi-device synchronization) and subtle ways (e.g., credential caching), the traditional fallback approach of reformatting and reinstalling becomes both untenable and insufficient.

The size and continuous piecemeal evolution of software, systems, and networks inhibits a sufficiently detailed understanding of their composition and functionality (even under attack-free conditions), which is a necessary step to identifying the aspects of system operation that were (or could be) accessed or tampered by an attacker. Combined with the inherent stealthiness of attacker activities, a timely reconstruction of a reasonably complete timeline of said activities and relevant system assets is currently infeasible except in limited situations. The telemetry or logging necessary to achieve the necessary degree of visibility, strongly correlated with but potentially more detailed than that needed for attack detection, can be cost- and performance-prohibitive to collect, store, and analyze in a timely fashion, even putting aside concerns about the integrity and reliability of the telemetry data in the presence of a sophisticated attacker. Furthermore, the need to restore or maintain system operations practically limits the time and resources that can be committed to the assessment analysis. In the (typically informal) risk analysis that drives the relevant parameters for the system recovery (i.e., which systems and data, how far back), this biases toward a focus on minimization of attack footprint, allowing for undiscovered latent access and other leave-behind artifacts introduced by the attacker. At the very least, it is important to capture in the final after-action report any specific assumptions made relative to the conclusions. For example, if the system was restored from a checkpoint created on a certain date, the inherent assumption is that the compromise occurred after that date.

___________________

81 Using an older backup is less likely to contain attacker artifacts, at the cost of lost data.

In terms of potential solutions in the space of damage assessment, forensic reconstruction of attacker activities would benefit from the same type of solution as is needed for attack detection (see the section above on situational awareness), albeit with the need for higher fidelity. Other relevant knowledge and capability gaps that need to be addressed include the following:

  • Practical mechanisms are needed for creating high-integrity hot replicas or hot standbys that address common usage scenarios. Currently, the mechanisms and techniques that exist almost exclusively focus on server scenarios; expanding to desktop and mobile situations would greatly ease system reconstitution.
  • Even if wholesale network recovery from scratch is impractical or infeasible, designing systems and architecting networks to permit rapid reconstitution from scratch of key components and/or of large numbers of enterprise devices (e.g., by limiting or eliminating local storage and configuration) can help focus attention and resources on fewer locations. Relatedly, the development of techniques for incremental recovery is needed (e.g., prioritizing recovering and operating the parts of a system that are strictly necessary for business continuity).
  • Determining and mitigating credential exposure, especially for those that are used by automated processes, is of high importance in reducing the potential for residual and lateral access. While credential management in general remains problematic, reconstitution in the absence of a human user presents its own particular challenges.

Several metrics can be used to gauge progress in this space. System-wide, the goal is to reduce mean time to second compromise and mean time to system restoration, and to achieve higher completeness in attack path reconstruction relative to ground truth (potentially in the context of red team–based evaluations, where ground truth can be made available).

This is a core aspect of cyber hard problem 10.

NEW TECHNOLOGY CYBER HARD PROBLEMS

New technology is bringing new cyber hard problems. A prime example is AI; another is CPS. The challenge in securing AI applications and CPS is a core contributor to cyber hard problem 9 but also affects 1, 2, 3, 4, and 10. It also profoundly affects cyber hard problem 7.


Security of Artificial Intelligence

It is difficult to assure the security of AI applications, particularly for design patterns that leverage generative AI. While the following discussion highlights AI-specific security challenges, it is important to note that AI systems are themselves software systems and thus susceptible to the full range of traditional cyberattacks.

The adoption of AI as an integral component in modern applications has been among the most disruptive innovations in computing this century. Many of the largest software companies have transitioned to using generative AI, as has become evident in public statements by Microsoft, Google, Meta, Salesforce, and others. Although traditional application security principles—when appropriately adopted—can safely accommodate the inclusion of AI components in software systems, there are unique attributes of AI that make securing forthcoming AI applications a hard problem.82

At the component level, both predictive and generative ML models are “non-smooth” systems that may produce very different outputs for similar inputs. Generative AI models are stochastic systems that can produce different outputs for the same input. Their non-smooth and sometimes stochastic nature may present a reliability challenge when using AI as a component in a repeatable system since their function cannot be formally guaranteed, nor their behavior fully characterized. Since the models themselves are not readily interpretable, their safety and security are difficult to assure. Remediation in AI components is difficult since the weaknesses that arise from training cannot be patched directly in code as they might be in a traditional software component.

Applications using generative large language models (LLMs) typify several AI challenges. In a basic AI chatbot application, the user interacts with an LLM that iteratively predicts the next token (word chunk) from a growing input consisting of the original system instructions, user input, and previously predicted tokens. The initial and subsequent set of predictions is heavily influenced by the system instructions, which are designed to guide toward—but cannot robustly guarantee—predictions conforming to a preferred style or topic. Because LLMs are instruction-following machines, attackers may attempt either indirectly or directly to lead the application away from the intended use. This can be especially problematic in agentic systems, in which the LLM output is connected to services that act on behalf of an (untrusted) user or respond to context fetched from external (untrusted) sources by the agent components.

While AI systems are fundamentally software systems, their characteristics—supply chains that include data sets and training code and runtime nondeterminism and non-smoothness—necessitate new approaches to risk assessment and vendor trust evaluation.

___________________

82 A. Vassilev, A. Oprea, A. Fordyce, and H. Anderson, 2024, “Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations,” NIST Computer Security Resource Center, January, https://csrc.nist.gov/pubs/ai/100/2/e2023/final.


To that end, many emerging regulations have begun to specifically call for “AI red teaming” requirements. Regulations in the European Union83 and proposed regulations in the United Kingdom84 legislate requirements for model assessment, with an emphasis on safety and societal harms. However, these requirements still lack acceptable standards across the industry in what should be assessed, what are acceptable assessment outcomes, and how and to whom to disseminate the results of an assessment.

Although these are fundamentally still software systems that include software and third-party services in applications, the supply chain of AI applications also includes data and third-party pre-trained or fine-tuned models. In addition to the possibility that attackers may develop model or data files in deserialization-based formats (e.g., pytorch, pickle, and numpy) to execute arbitrary code,85 the possibility exists that models may contain backdoor functionality encoded in the model’s architecture or model weights. Technology and processes to measure and mitigate risk in these supply-chain components are nascent. Specific challenges in supply chain include (see more at NIST Adversarial ML Taxonomy86) the following:

  • Model assurance—inherited vulnerabilities and weaknesses in third-party models, including the potential for deliberately backdoored models that rely on model weights rather than code for triggering mechanisms; and
  • Data assurance—poisoning of open web–scale data sets used to pre-train or fine-tune models that can result in targeted or indiscriminate integrity violations.
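
The deserialization risk noted above can be checked before a third-party model file is ever loaded. The following is an added example, not code from the report: it decodes pickle opcodes without unpickling and reports every import the stream would perform that is outside an allowlist. The allowlist, the function names, and the sample files are assumptions constructed for illustration, and only raw pickle streams and zip archives with `.pkl` members are covered.

```python
import io
import pickle
import pickletools
import shutil
import zipfile
from collections import OrderedDict

# Assumed allowlist for this example: globals a plain weights file may import.
ALLOWED_GLOBALS = {("collections", "OrderedDict")}

_STRING_PUSH = {"STRING", "BINSTRING", "SHORT_BINSTRING", "UNICODE",
                "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}
_MEMO_PUT = {"PUT", "BINPUT", "LONG_BINPUT"}
_MEMO_GET = {"GET", "BINGET", "LONG_BINGET"}


def pickle_globals(stream: bytes):
    """Return (module, name) for every import a pickle stream would perform.

    Only opcodes are decoded (pickletools.genops); nothing is unpickled.
    """
    found, tail, memo = [], [], {}
    for op, arg, _pos in pickletools.genops(stream):
        if op.name in ("GLOBAL", "INST"):
            # Protocols 0-3 carry "module name" inline in the opcode argument.
            module, _, name = arg.partition(" ")
            found.append((module, name))
            tail = []
        elif op.name == "STACK_GLOBAL":
            # Protocol 4+ takes module and name from the two topmost strings.
            ok = len(tail) >= 2 and all(isinstance(v, str) for v in tail[-2:])
            found.append(tuple(tail[-2:]) if ok
                         else ("<unresolved>", "<unresolved>"))
            tail = []
        elif op.name in _STRING_PUSH:
            tail.append(arg)
        elif op.name in _MEMO_GET:
            tail.append(memo.get(arg))      # None when the memo slot is unknown
        elif op.name == "MEMOIZE":
            memo[len(memo)] = tail[-1] if tail else None
        elif op.name in _MEMO_PUT:
            memo[arg] = tail[-1] if tail else None
        else:
            tail = []   # any other opcode: stack top is no longer a known string
    return found


def scan_model_file(data: bytes, allowed=ALLOWED_GLOBALS):
    """Return findings as (member, module, name); an empty list means clean."""
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            members = [(n, zf.read(n)) for n in zf.namelist()
                       if n.endswith(".pkl")]
    else:
        members = [("<stream>", data)]
    findings = []
    for member, stream in members:
        try:
            imports = pickle_globals(stream)
        except Exception:
            # Fail closed: a stream that cannot be decoded is reported, not trusted.
            imports = [("<unparseable>", "<unparseable>")]
        findings += [(member, m, n) for m, n in imports if (m, n) not in allowed]
    return findings


def constructed_samples():
    """Constructed inputs: two plain weight files and two that import other code."""
    weights = OrderedDict(layer1=[0.1, 0.2], layer2=[0.3])
    archive = io.BytesIO()
    with zipfile.ZipFile(archive, "w") as zf:
        # A pickle member inside an archive, as in zip-based checkpoints.
        zf.writestr("model/data.pkl", pickle.dumps({"fn": shutil.which}))
    return {
        "plain_dict": pickle.dumps({"bias": [0.0, 1.0]}),
        "ordered_dict": pickle.dumps(weights),
        "legacy_global": pickle.dumps(shutil.which, protocol=2),
        "zip_checkpoint": archive.getvalue(),
    }


if __name__ == "__main__":
    for label, blob in constructed_samples().items():
        print(label, scan_model_file(blob) or "clean")
```

A clean result here says nothing about backdoors encoded in the weights themselves, which is the separate model-assurance problem listed above.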

A key challenge for auditability in the AI supply chain is that there is not yet a standard for reporting the equivalent of an SBOM, although efforts to address this have emerged.87 The addition of model and data components can be accommodated by SBOM to include traditional static elements of component identification, dependency information, licensing, and versions. But for AI models, behavioral reports should also be included that describe potentially risky runtime behaviors that have been observed. Unfortunately, unlike a binary set of attributes or functions, the set of risky model behaviors may be incomplete, imprecise, and less actionable than in traditional software. Thus, it is still important to employ third-party audits and third-party guardrails to discover and control runtime behavior.

___________________

83 European Commission, 2024, “AI Act,” https://digital-strategy.ec.europa.eu/en/policies/regulatory-framework-ai.

84 Department for Science, Innovation and Technology and the Office for Artificial Intelligence, 2023, “AI Regulation: A Pro-Innovation Approach,” March 29, https://www.gov.uk/government/publications/ai-regulation-a-pro-innovation-approach.

85 Common Weakness Enumeration, “CWE-502: Deserialization of Untrusted Data,” https://cwe.mitre.org/data/definitions/502.html, accessed February 6, 2025.

86 A. Vassilev, A. Oprea, A. Fordyce, and H. Anderson, 2024, “Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations,” NIST AI 100-2 E2023, January, https://csrc.nist.gov/pubs/ai/100/2/e2023/final.

87 J. Bressers, 2023, “SBOM Everywhere and the Security Tooling Working Group: Providing the Best Security Tools for Open Source Developers,” Open Source Security Foundation (blog), June 30, https://openssf.org/blog/2023/06/30/sbom-everywhere-and-the-security-tooling-working-group-providing-the-best-security-tools-for-open-source-developers.

Defense Against Offensive Artificial Intelligence

Defenders are unprepared for a dramatic increase in scale and complexity of cyber operations from offensive AI tools—when attackers leverage AI for traditional cybersecurity operations. The risks presented by using AI for offensive purposes are offset at least to some degree by the potential for defenders to leverage AI to implement compensatory security controls and mitigations, but these are not addressed here.

As highlighted in the National Security Commission on Artificial Intelligence Final Report,88 digital infrastructure may be increasingly indefensible against escalating, offensive, AI-enabled cyber capabilities without offsetting defensive controls. Threat actors are beginning to leverage AI for various malicious use cases, including offensive copilots, scaling social engineering attacks, and enhancing offensive operations.

Offensive AI is still nascent, but researchers are developing AI for various offensive purposes that will challenge defensive systems and processes. AI-driven offensive capabilities can increase the potency and speed of cyber campaigns and present significant threats to both digital infrastructure and human targets.

AI can expedite traditional cyber campaigns against digital infrastructure in several ways. For example, using LLMs, attackers can expedite the discovery, development, and delivery of exploits through automated code reversing, vulnerability discovery, and instrumentation of exploits for vulnerabilities. AI systems that reduce the time required for threat actors to execute attacks by automating labor-intensive tasks represent a sort of “offensive copilot” that can decrease the time to impact in cyber operations.

AI-powered tools can also assist attackers in more rapid maneuvering during hands-on parts of offensive campaigns to scale offensive operations. By integrating generative AI agentic frameworks with existing tools, attackers can orchestrate complex operations that cover large portions of an attack life cycle in a way that was not previously possible.

The impact on human targets using AI presents a formidable challenge. Disinformation campaigns that leverage deepfakes have already become part of public awareness due to several incidents involving elections89 and digital warfare that now requires news consumers to question the validity of reports.90 Since bad news tends to travel faster than good news, correcting disinformation is an asymmetric challenge.

___________________

88 E. Schmidt, R. Work, S. Catz, E. Horvitz, S. Chien, A. Jassy, M. Clyburn, et al., 2021, Final Report, National Security Commission on Artificial Intelligence, released March 1, https://reports.nscai.gov/final-report.

89 E. Sayegh, 2024, “The Battle for Truth in Election Seasons: AI-Generated Deepfakes,” Forbes, May 14, https://www.forbes.com/sites/emilsayegh/2024/05/14/the-battle-for-truth-in-election-seasons-ai-generated-deepfakes.

These tools can also be used for fraud. Highly realistic and interactive social engineering attacks for fraud are now possible with generative AI. In this setting, attackers can create convincing impersonations or scenarios to manipulate individuals in a way that feels customized.91 AI’s potential to scale such attacks is a developing threat vector, where generative AI can create deepfakes and other convincing forms of fake identities for automated and interactive phishing or scamming operations.

The human challenges that this presents have been called out in other cyber hard problems. The key ingredient that AI brings is the sophistication and potential for scale. While fundamental security practices can ward off many of these attacks, the increased scale and sophistication allows attackers and fraudsters to affect a much broader set of victims. In a setting of fixed resource constraints of defenders, remediation and response can become intractable.

Enforceable Policies for Data in Distributed Systems

Many cyber and cyber-enabled systems include a data component, either creating new data, processing existing data, or transmitting data to achieve a particular purpose. The designers of the system or application build the service with specific security and privacy properties to mitigate the occurrence and impact of adverse events—that is, uses of the data that go beyond the intended purpose. The user of the system, and relevant regulatory or law enforcement entities, desire the ability to hold the data steward accountable for upholding the properties as promised while also ensuring that unexpected uses of the data are not possible (i.e., “the software does what it says with the data; no more, no less”).

In the absence of a solution to this problem, there is little choice but to trust that data are collected, used, and stored appropriately without much assurance. Prior to deployment or adoption, there is a requirement to convince the user and relevant authorities that the promised properties are sufficient and correctly implemented. Post-deployment, the data steward may need to modify the data use or protection terms and need to re-consent the data subject or owner, updating the presentation of the use and proposed protections and accurately recording the update.

___________________

90 D. Klepper, 2023, “Fake Babies, Real Horror: Deepfakes from the Gaza War Increase Fear About AI’s Power to Mislead,” Associated Press, November 28, https://apnews.com/article/artificial-intelligence-hamas-israel-misinformation-ai-gaza-a1bb303b637ffbbb9cbc3aa1e000db47.

91 H. Chen and K. Magramo, 2024, “Finance Worker Pays Out $25 Million After Video Call with Deepfake ‘Chief Financial Officer,’” CNN World, February 4, https://www.cnn.com/2024/02/04/asia/deepfake-cfo-scam-hong-kong-intl-hnk/index.html.


Retrospectively, there is a requirement to be able to determine as much as possible about what went wrong (e.g., whether the security properties were inadequate, if the security properties were incorrectly implemented, or if the system were modified in some way that impacted the security properties).

  • Example 1: A social network requests a phone number to be used only for MFA. How is the developer to build and prove that the phone number is used only for MFA and not targeted advertising or other contrary behavior?
  • Example 2: The sustainability task force for a local municipality deploys a network of smart streetlights to reduce energy usage. The streetlight uses a video camera to determine lighting needs based on traffic patterns and natural light. How can citizens be sure that the local police have not used data collected by the cameras?
  • Example 3: A personal genomics company sells a DNA testing kit and allows customers to opt-in to donating data to research trials. How can customers rest assured that the data are used only for the research trials they have opted into and that the results will not be subsequently used by health insurance companies?

A sizable portion of technical innovation is rooted in advancing the state of the art of what can be done with data, yet the technical mechanisms for setting and enforcing policies throughout the data life cycle (e.g., data at rest, in transit, and in use) have not kept pace. It is extremely time-consuming and difficult to identify, mitigate, and prevent the misuse of data without policy-aware data systems. In the past, we accepted possession and access to data as a proxy for permission to use the data. The proliferation of devices that collect data; the inherent complexity of the software, hardware, and network ecosystem; and also the ease with which data can be transmitted to another party make fine-grained control over the use of data untenable for the future. The misuse of data and our inability to make verifiable claims about how data will be used degrades trust in IT systems and hampers future innovations.

Making progress on this hard problem will support better outcomes on avoiding adverse outcomes for end users related to the misuse of data, increasing trustworthiness of personal devices, and perhaps decreasing disinformation. Large-scale change is needed to evolve IT systems to be policy-aware when processing data. At a minimum, such change requires the following:

  • The design and implementation of a policy language that is suitably expressive (e.g., what is the agreed-upon set of “nouns,” “verbs,” and “attributes”) and
  • Designing policy authoring tools that meet the needs of diverse stakeholders, allowing them to write, review, negotiate, manage, and audit policies.

One open question is whether the desired policies are actually expressible (i.e., what kinds of policies are expressible and enforceable, and are these what people care about?). Although this has been tackled in traditional IAM systems (see above), it has not been done for shared data.
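
To make the “nouns, verbs, and attributes” idea concrete for Example 1 (a phone number collected only for MFA), here is an added sketch, not a mechanism proposed by the report: a deny-by-default gate that releases a data item only for a granted (noun, verb, purpose) triple and records every request in a hash-chained log for retrospective review. All class, field, and actor names and the sample record are assumptions constructed for illustration.

```python
import hashlib
import json
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Grant:
    noun: str      # data category, e.g. "phone_number"
    verb: str      # operation on it, e.g. "send_sms_code"
    purpose: str   # attribute: the purpose the data subject consented to


def _digest(body: dict) -> str:
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


@dataclass
class PolicyGate:
    grants: frozenset
    audit: list = field(default_factory=list)

    def _append(self, event: dict) -> None:
        # Each entry commits to its predecessor, so edits to history are detectable
        # as long as the latest digest is also kept somewhere the editor cannot reach.
        prev = self.audit[-1]["digest"] if self.audit else "0" * 64
        body = dict(event, prev=prev)
        self.audit.append(dict(body, digest=_digest(body)))

    def use(self, record: dict, noun: str, verb: str, purpose: str, actor: str):
        allowed = Grant(noun, verb, purpose) in self.grants   # deny by default
        self._append({"actor": actor, "noun": noun, "verb": verb,
                      "purpose": purpose, "allowed": allowed})
        if not allowed:
            raise PermissionError(
                f"{actor}: {verb} on {noun} for {purpose} is not granted")
        # The purpose is declared by the caller; the gate cannot prove what the
        # caller does with the value afterwards.
        return record[noun]

    def audit_intact(self) -> bool:
        prev = "0" * 64
        for entry in self.audit:
            body = {k: v for k, v in entry.items() if k != "digest"}
            if entry["prev"] != prev or entry["digest"] != _digest(body):
                return False
            prev = entry["digest"]
        return True


def demo():
    """Run three constructed requests against a policy that grants MFA use only."""
    gate = PolicyGate(frozenset({Grant("phone_number", "send_sms_code", "mfa")}))
    user = {"phone_number": "+1-555-0100"}   # constructed sample record
    requests = [("auth-service", "send_sms_code", "mfa"),
                ("ads-pipeline", "match_audience", "advertising"),
                ("ads-pipeline", "send_sms_code", "advertising")]
    outcomes = []
    for actor, verb, purpose in requests:
        try:
            gate.use(user, "phone_number", verb, purpose, actor)
            outcomes.append(True)
        except PermissionError:
            outcomes.append(False)
    return gate, outcomes


if __name__ == "__main__":
    gate, outcomes = demo()
    print(outcomes, "audit intact:", gate.audit_intact())
```

The gate controls release and leaves a reviewable record, but once the value has been returned nothing here constrains its onward use, which is the gap the surrounding text describes.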

Technology-Enabled Disinformation and Fraud

The emergence of cyber-mediated, human-targeted attacks of various sorts has a history of being considered cybersecurity or privacy problems. Examples include inducing the receiver of a malicious email to download and run an attachment, click on a link (to deliver malware), click on a link and type things in (to steal identity), and the recognition of stalkerware as a category and problem. Targeting individuals through spear phishing and catfishing are recognized cybersecurity attacks.

Although propaganda, disinformation, and military deception have a long history, technology-enabled creation and dissemination of disinformation is a newer and growing problem. Everything on the computer is mediated by technology. The Internet and World Wide Web, along with social media, expand the reach of disinformation. Automation and AI expand the scale and precision of disinformation, extending to bots, deepfakes, and written and spoken text that can increasingly mimic anyone trustworthy. In parallel, “broadcast” sources of journalism (television, radio, newspapers) are being replaced with peer-to-peer communications with poor or missing authentication. What people see is determined in whole or in part by algorithms that (typically) optimize for engagement.

Per the Verizon 2024 Data Breach Investigations Report,92 deepfake-like technology has already been used in many reported cases of fraud and misinformation. As generative AI only increases in abilities, scope, and scale, AI-generated fakes as weapons of disinformation will move beyond “deepfake” pictures of humans and audio fakes, to more complex scenes compellingly attesting to events that never occurred, compelling quotes, speeches, and “fake news” articles, and full videos. Generative AI that undermines artists of all professions today can become tomorrow’s tools of disinformation.

Technology-enabled disinformation can be used to undermine individual reputations and emotional well-being (e.g., deepfake revenge porn), create conspiracy theories targeted at public figures, and attack core democratic processes such as elections. Much of the U.S. economy relies on the reputations of the strength of businesses and financial infrastructure, making this a potential weapon against U.S. economic stability.

___________________

92 Verizon, 2024, 2024 Data Breach Investigations Report.

What makes this a hard problem is the following:

  • Core principles important to democracy, including free speech and privacy protections, preclude certain approaches to detecting these or fighting fire with fire. Censorship of U.S. citizens is directly counter to free speech.
  • Notwithstanding the variously successful Internet censorship regimes, there are no geographical boundaries that serve as a natural defensible “perimeter.”
  • Misaligned incentives—for example, for ranking algorithms, “engagement” versus “truth.” The former can be monetized. Unlike preventing cybersecurity attacks, preventing the use of a platform for disinformation is not unequivocally counter to the business concerns or agendas of those who own and run such a platform. Nor is it necessarily counter to the desires of those targeted (see The Weekly World News tabloid for a benign analogy and conspiracy theorists for a less benign example).
  • Bots are often and usually indistinguishable from people, creating perceptions of scale and diversity that can be false and misleading.
  • Human attributes and limitations are targeted: confirmation bias, the tendency to anthropomorphize, motivations, and desires to believe the best or worst in others.
  • While there are experiments in the wild or with crowdsourcing and panels, there are no tools or frameworks to systematically consider how a deployed technology may be effectively used for disinformation, including threat modeling and abuse cases to consider the cybersecurity of a system.
  • Using cyber means to maliciously manipulate individuals, communities, and societies for adversarial purposes is a cybersecurity problem, but not only a cybersecurity problem. It can involve social science, psychology, ethics, policy, business, law, and political science. It can overlap with other categories of potential cyber hard problems: social science of human capabilities and limitations and mitigations to account for challenges, engineering to mitigate human limitations and weaknesses, AI reliability, deepfakes, phones as a privacy problem, authentication and access control in the context of the global commons, and information and data provenance. It may involve so many disciplines and related issues that it is sui generis as a cybersecurity problem.

Information and Data Provenance

Content on the Internet (and later curated as part of another data set or AI function) often does not come with any trustworthy indication of the source or provenance of that information.

Much of the information people receive comes through someone else, either directly or through a communication artifact (e.g., books, newspapers). All the information received through computer interactions is the latter. Even a video call is intermediated by sophisticated software that can change backgrounds and faces. Information comes to consumers from or through a source, and their reaction to that information is potentially colored by knowledge of that source, from news to education to books, from religion to civics to politics. The reaction may be to the identity of the source, such as an individual (Walter Cronkite) or an organization (Fox News), or the reaction may be to the process and assumptions around the source’s communication type (autobiography, medical advice).

The pseudonymity promised by “no one know[ing] you’re a dog” is rapidly extending to all contexts on the Internet. “Fake news” is shared by people you know, and anyone can stand up a website claiming to be a news or publishing source. Identity, identity attributes, and source creation context are all at risk of being inaccurately relayed or assumed. Immersive virtual environments make alternate realities the norm.

Civil and societal institutions rely on some shared understanding of the authoritativeness of various kinds of information. Examples include news about communities, states, and nations, or results of the electoral process. The stability and safety of people’s economic supports and investments rely on reliable information about them.

Building blocks for enabling a more trustworthy information ecosystem might include digital signatures (including source devices that apply signatures at the point of capture), imperceptible signals in media streams (watermarking), and widespread and reliable conveyance of provenance information through social media channels.93 An alternate approach is centralized or decentralized fact checking and “community notes.”

What makes this a hard problem is the following:

  • Information flowing on today’s Internet is almost always transformed in transit (everything from user-initiated cut and paste to transcoding to enable optimal use of bandwidth).
  • Balancing strong provenance with privacy.
  • News, as a money-making business, has almost disappeared, and there are now very few sources that are universally (or at least widely) trusted. News has also partly been replaced by entertainment. (Arguably, the news business was always funded by advertising, but now news organizations are not benefitting as much from the advertising revenue.)
  • AI systems will be indistinguishable from humans for most online interactions and can scale to be formidable misinformation bots (e.g., AI systems summarizing source information). Weak authentication on the Internet, which makes it difficult or impossible to ascertain the source of a piece of information, exacerbates this problem.

___________________

93 Coalition for Content Provenance and Authenticity, “Overview,” https://c2pa.org, accessed February 6, 2025.
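
The tension between point-of-capture signatures and content that is transformed in transit can be shown in a short program. The following is an added illustration, not part of the report and not the C2PA format: it assumes hypothetical actors `camera-01` and `transcoder-A`, constructed keys and content, and uses HMAC in place of a public-key signature so that it runs with the Python standard library alone.

```python
import hashlib
import hmac
import json

# Constructed demo keys. HMAC stands in for a public-key signature so the
# example runs on the standard library alone; a deployed scheme would use
# asymmetric keys so that a verifier cannot forge claims.
KEYS = {
    "camera-01": b"constructed-camera-key",
    "transcoder-A": b"constructed-transcoder-key",
}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def canonical(obj: dict) -> bytes:
    """Stable byte encoding so signer and verifier hash the same thing."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def sign(actor: str, claim: dict) -> str:
    return hmac.new(KEYS[actor], canonical(claim), hashlib.sha256).hexdigest()


def make_manifest(actor, action, content, parent=None):
    """Bind the content hash to the previous manifest and sign the claim."""
    claim = {
        "actor": actor,
        "action": action,
        "content_sha256": sha256_hex(content),
        "parent_sha256": sha256_hex(canonical(parent)) if parent else None,
    }
    return {"claim": claim, "sig": sign(actor, claim)}


def verify_chain(content: bytes, manifests: list):
    """Check a capture-first list of manifests against the bytes received."""
    if not manifests:
        return False, "no provenance attached"
    if manifests[0]["claim"]["action"] != "capture":
        return False, "chain does not start at capture"
    prev = None
    for m in manifests:
        claim = m["claim"]
        if claim["actor"] not in KEYS:
            return False, "unknown actor " + claim["actor"]
        if not hmac.compare_digest(sign(claim["actor"], claim), m["sig"]):
            return False, "bad signature from " + claim["actor"]
        expected_parent = sha256_hex(canonical(prev)) if prev else None
        if claim["parent_sha256"] != expected_parent:
            return False, "broken link at " + claim["actor"]
        prev = m
    if manifests[-1]["claim"]["content_sha256"] != sha256_hex(content):
        return False, "content does not match last signed step"
    return True, "verified back to " + manifests[0]["claim"]["actor"]


def transcode(data: bytes) -> bytes:
    """Constructed stand-in for a lossy re-encode: keep every other byte."""
    return data[::2]


def demo():
    original = b"constructed raw frame bytes from a camera sensor"
    capture = make_manifest("camera-01", "capture", original)
    served = transcode(original)
    step = make_manifest("transcoder-A", "transcode", served, parent=capture)
    forged = {"claim": dict(step["claim"], actor="camera-01"), "sig": step["sig"]}
    return {
        "original": verify_chain(original, [capture]),
        "transcoded, capture signature only": verify_chain(served, [capture]),
        "transcoded, step signed": verify_chain(served, [capture, step]),
        "edited after last step": verify_chain(served + b"!", [capture, step]),
        "claim altered": verify_chain(served, [capture, forged]),
        "provenance stripped": verify_chain(served, []),
    }


if __name__ == "__main__":
    for case, (ok, reason) in demo().items():
        print(f"{case:36} {'OK  ' if ok else 'FAIL'} {reason}")
```

The signed transcoding step verifies only because the verifier accepts `transcoder-A` as an actor; the chain records who transformed the content, not that the transformation was faithful to the capture.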

POLICY CYBER HARD PROBLEMS

Many of the overarching cyber challenges described earlier are expressly amplified by missing or misaligned policies. It is difficult to design effective policy for complex systems that does not increase cost disproportionately to its benefit. Resilient system design and operations, even when properly guided by policy, can slow progress. Competing interests often retard policy solutions even when candidate solutions exist. Jurisdictional questions, including globalization and failures to provide federal preemption, further complicate policy solutions and effective remedies that would apply to providers and users in a single legal jurisdiction.94

Regulatory policy and economic incentives can be confounded by competing policy goals. For example, the desire for rapid problem identification can often be achieved by comprehensive authentication; however, this can often interfere with users’ privacy. Furthermore, policy that encourages disclosure in support of principled risk assessment can threaten providers’ intellectual property if done carelessly.

There has been policy progress that has helped ensure vulnerability and breach disclosure, but this is a fairly crude measure of resilience and safety.

The lack of effective policy (economic and regulatory) is one of the most dogged and influential of hard problems.

Policy hard problems need to be addressed by laws, policies, and regulations. As described in the committee’s overarching problem framework, they affect almost all cyber hard problems.

Misaligned Incentives

Misaligned incentives in cybersecurity are a significant challenge, manifesting in the varied and often conflicting priorities of stakeholders such as vendors, consumers, insurers, and regulators.

___________________

94 Harmonizing policies across jurisdictions (state, federal, and international) is a super-hard problem.

Vendors prioritize speed to market and cost efficiency over security and say additional security measures would slow the pace of innovation, while consumers often choose products based on price rather than security features. Insurers, who have the potential to influence better security practices through underwriting conditions, struggle with accurately assessing risks and enforcing effective mitigations. Competitors, despite facing similar threats, are often unwilling to share valuable threat intelligence, undermining collective defense efforts. This misalignment results in suboptimal decisions that increase overall vulnerability and delay the benefits of addressing other cyber hard problems. Without progress on incentives, benefits from solving the other cyber hard problems will be disadvantaged or delayed.

Solving the issue of misaligned incentives is crucial for enhancing the overall security posture of the digital ecosystem. It matters to a wide array of stakeholders, including businesses that suffer financial losses from breaches, consumers whose personal information is compromised, and national and homeland security agencies tasked with protecting critical infrastructure. The economic impact of cyber incidents is substantial, with costs extending beyond immediate financial losses to include reputational damage, loss of consumer trust, and long-term recovery expenses. However, to date this has been inadequate to spur the changes needed. Therefore, realigning incentives to promote better security practices is essential for reducing these risks and enhancing resilience against cyber threats.

The difficulty in addressing misaligned incentives stems from several factors. Economic and competitive pressures often discourage businesses from investing adequately in cybersecurity, as the benefits are not always immediately observable.95 The tendency to prioritize short-term gains over long-term security investments is pervasive, and the lack of standardized metrics for measuring cybersecurity return on investment or cyber-coverage quality complicates decision making. Organizations may sometimes feel that the most cost-effective method for limiting damage for faulty products is public relations, especially for categories of weaknesses that are not readily assessed or repaired. Regulatory and policy efforts to realign incentives have been slow and fragmented, with various proposals such as grants, tax incentives, and liability considerations failing to achieve widespread implementation. The complexity of the cyber threat landscape and the rapid evolution of attack techniques further exacerbate these challenges.

Potential approaches to realigning incentives include policy reforms and innovative economic models. Governments can play a pivotal role by introducing and enforcing regulations that mandate minimum security standards, introducing “safe havens” for good faith efforts accompanied by product design transparency, and by offering tax incentives or subsidies for businesses that invest in robust cybersecurity measures. Public–private partnerships can facilitate better information sharing and collective defense initiatives. An example of a public–private partnership that does such a thing successfully is the National Cyber-Forensics and Training Alliance, which brings together the business sector and law enforcement to disrupt cybercrime. Additionally, developing standardized metrics for assessing cybersecurity investments and outcomes can help businesses make more informed decisions. The implementation of mechanisms like the U.S. Cyber Trust Mark, which provides a recognizable standard of cybersecurity for consumers of wireless IoT devices, is a step in the right direction.

___________________

95 This is related to myopic loss aversion. See R.H. Thaler, A. Tversky, D. Kahneman, and A. Schwartz, 1997, “The Effect of Myopia and Loss Aversion on Risk Taking: An Experimental Test,” The Quarterly Journal of Economics 112(2):647–661.

Those who can take action to realign incentives span across sectors. Policy makers and regulators can introduce and enforce laws that require graded security standards, depending on the kind of device and its use environment, and incentivize compliance. For example, autos that can be easily stolen because their keyfobs use weak cryptography, and pervasive back doors in network-connected devices, seem like areas that need to be addressed. Absent this, industry leaders and business executives will not prioritize cybersecurity as a critical component of their operational strategy and allocate appropriate resources. Insurers can refine their risk assessment models and offer premium reductions for policyholders that adopt best practices. Consumers can influence the market by demanding more secure products and services. Additionally, cybersecurity researchers and advocacy groups can continue to highlight the importance of aligned incentives and drive awareness.

Success in realigning incentives can be measured through several indicators. A notable decrease in the frequency and severity of cyber incidents would suggest that stakeholders are making more security-conscious decisions. Increased investment in cybersecurity by businesses, moving closer to the recommended 10 percent of budgets, would also be a positive sign. Ultimately, success will be reflected in a more resilient and secure digital ecosystem where the costs and benefits of cybersecurity investments are better aligned across all stakeholders.

Cybersecurity Poverty

An often-overlooked consequence of technology’s spread is the difficulty that organizations and individuals have in securing it. Originally described in 2011,96 the “security poverty line” is a concept that delineates the “haves” from the “have nots”: whether it is economically or technically feasible to implement what is generally assumed to be effective security, given real-world conditions. Just as with economic poverty, cybersecurity poverty results from many complex dynamics and factors. This problem exacerbates the effects of cyber hard problems 1, 2, and 4.

___________________

96 W. Nather, 2011, “T1R Insight: Living Below the Security Poverty Line,” 451 Research, May 26, https://web.archive.org/web/20140203193523/https:/451research.com/t1r-insight-living-below-the-security-poverty-line.

Because there is no simple prescriptive blueprint for building secure systems, some have tried to measure effective mitigation of carefully scoped attack scenarios, such as MITRE’s Engenuity evaluations97; others have tried to calculate the projected cost of security technology according to a given compliance framework98 or simply following security professionals’ recommendations.99 Although peer benchmarking and trends reports describe how much some organizations spend on cybersecurity, the reports do not address whether the spending is effective or appropriate. Spending formulas, such as the percentage of IT budget, do not necessarily scale up or down, nor do they have any link to positive or negative outcomes. Some increasingly critical controls (e.g., logging) are not included in the minimum baseline edition of products but are premium priced.

Another confounding factor for organizations is expertise. Cybersecurity expertise is not simply education or training; it also includes the experience of securing new technology and diagnosing and responding to new vulnerabilities and attacks. Organizations find themselves competing for this expertise against the deeper pockets of security providers (according to Glassdoor, the total salary in 2024 for a senior cybersecurity analyst is $156,000–$234,000 per year).

Constraints within the environment also affect an organization’s capability to secure itself. For example, conventional best practice in cybersecurity calls for a system to be designed to fail safe rather than open; this is not an option in a safety-focused sector such as health care, where medical staff may never be barred access to equipment or data needed to treat patients in an emergency. Software that integrates with hundreds of different systems under a variety of countries’ regulatory environments can take months or years to update. Onsite upgrades for thousands of point-of-sale systems mean that retailers must choose carefully when to incur that downtime and expense, and certainly not during the heaviest shopping times of the year. Every cybersecurity risk framework or practice may need to be adapted substantially to work around these obstacles.

Finally, in an era where cybersecurity controls are spread among third-party providers (see the section “Supply Chain” below), organizations have to rely on the cooperation of other entities with whom they may have little to no legal or commercial influence. With a sufficiently large amount of money at stake or the possibility of negative public relations, a provider may be incentivized to meet the security requirements of a customer, but smaller organizations lacking this kind of influence cannot necessarily receive the emergency services they need during an incident, force the timely remediation of an identified vulnerability, or reject provider conditions that may result in increased risk (such as allowing overly broad network access). Regulations will not work unless the regulated parties have access to tools that are affordable (sustainable) and actually reduce risk. Without uniform cybersecurity regulations or other incentives, most small- and medium-sized businesses, nonprofits, and local public-sector entities (including law enforcement) have to make do with the equivalent of security scraps, with support only available piecemeal from managed service providers, from a provider specified by their cyber insurer, or volunteer efforts such as the University of California, Berkeley–led Cybersecurity Clinics.100

___________________

97 MITRE, 2024, “Our ATT&CK Evaluations Methodology,” https://attackevals.mitre-engenuity.org.

98 Center for Internet Security (CIS), 2023, “The Cost of Cyber Defense,” CIS Controls Implementation Group 1, August, https://www.cisecurity.org/insights/white-papers/the-cost-of-cyber-defense-cis-controls-ig1.

99 A. Shimel, 2013, “What Is the Real Cost of Security?” NetworkWorld, April 4, https://www.networkworld.com/article/744780/opensource-subnet-what-is-the-real-cost-of-security.html.

Supply Chain

Fully organic development shops such as Google and Apple have the advantage of full (internal) transparency in their software code bases. This facilitates direct analysis at scales ranging from lines of code in small components to design choices for APIs and architectural features. This also facilitates comprehensive assured refactoring; for example, updating a service API with potentially hundreds of clients, all incompatibly updated in an atomic action. Additionally, it facilitates a fully explicit linking of design models, implementation artifacts, test cases, analysis tooling, and any supporting elements.101,102

In other words, full transparency facilitates ongoing acceptance evaluation, rapid adaptation, and repairs without creating technical debt (i.e., expedient decisions that would later need to be revised in order to permit continued evolution of a system).

By contrast, large enterprise and mission systems are generally integrated from diversely sourced components and services (“system elements”), some of which are kept opaque to their clients in order to retain competitive advantage, protect sensitive data and algorithms, and enable update and enhancement without unwanted dependencies on (hidden) implementation choices. This means that even when one layer is revealed in a complex system, there can be multiple opaque layers beneath, analogous to “turtles all the way down.”

The integrated systems model poses challenges, however. One set of challenges relates to acceptance evaluation, due to opacity of system elements and uncertainty regarding compatibility of elements. Another set of challenges relates to update and evolution, deriving from compatibility issues as individual elements are on uncorrelated update cycles. (Services, for example, can be updated several times per day, while open-source components may be updated every few weeks.) Evolution is also impaired by opacity, and many systems sustainment teams must engage in active reverse engineering to assess and document security vulnerabilities for repair, for example. There are also challenges related to overall systems architecting and design. Architectural decisions focused on reducing coupling, localizing variabilities, enhancing key quality attributes (particularly resiliency), and the like may need to be compromised to support compatibility of APIs, data representations, and service interfaces among elements that are meant to interoperate.

___________________

100 Consortium of Cybersecurity Clinics, “Cybersecurity for the Public Good,” Center for Long-Term Cybersecurity, https://cltc.berkeley.edu/program/consortium-of-cybersecurity-clinics, accessed February 6, 2025.

101 “Why Google Stores Billions of Lines of Code in a Single Repository,” posted September 14, 2025, by @scale, YouTube, https://www.youtube.com/watch?v=W71BTkUbdqE.

102 H. Wright, 2019, “Lessons Learned from Large-Scale Refactoring,” 2019 IEEE International Conference on Software Maintenance and Evolution, December 5, https://ieeexplore.ieee.org/document/8919159.

An extreme example is the incorporation of vendor components as original equipment manufacturer elements into integrated systems, such as commercial desktop systems into medical devices such as imaging systems. The end user, and possibly the IT support team, might not have sufficient visibility to be aware of the incorporated desktop as other than part of an appliance, and so that desktop may not, over a period of years, receive necessary updates and security patches. The resulting vulnerabilities have been exploited in ransomware attacks.103,104

An additional consequence of supply chain opacity is hidden dependencies, where a deeply embedded vulnerable system element can trigger disruptions in the event of compromise or, in the case of open source, loss of configuration control. Attacks on embedded supply chain elements can have broad consequences, and so these elements are a favored target by attackers. Examples include Blackbaud, a service provider to financial services and other organizations including critical nonprofits.105 A research report by the Cyentia Institute (a subsidiary of Mastercard) and RiskRecon106 identified ripple effects impacting between 800 and 1,000 downstream organizations. The network security vendor SolarWinds unintentionally delivered a malware payload embedded in a signed system update that was automatically distributed.107 A more recent extended global outage, caused by an automatically deployed update to CrowdStrike security software on Windows systems, affected millions of systems from banks to commercial aviation, health care, and critical infrastructure.

This can be an issue even when the embedded system element is a tiny fragment of code. One example from 2016 is leftpad, which is an 11-line module of code in the million-element open source NPM ecosystem widely used for web applications. The developer of this small component chose to delete it and other elements from the library due to a dispute over names for a software package. The deletion lasted only 2 hours but caused widespread disruption because of its pervasive use deep in the supply chain supplying web applications.108

___________________

103 L. Hautala, 2020, “Hospital Devices Exposed to Hacking with Unsupported Operating Systems,” CNET, March 10, https://www.cnet.com/health/medical/hospital-devices-exposed-to-hacking-with-unsupported-operating-systems.

104 C. Van Alstin, 2023, “RSNA 2023: Hospital Imaging Systems May Be Gateways for Ransomware, Expert Warns,” HealthImaging, November 30, https://healthimaging.com/topics/professional-associations/radiology-associations/radiological-society-north-america-rsna/rsna-2023-ransomware-medical-devices.

105 L. Fair, 2024, “FTC Says Blackbaud’s Lax Security Allowed Hacker to Steal Sensitive Data—and That’s Just the Beginning,” Federal Trade Commission (blog), February 1, https://www.ftc.gov/business-guidance/blog/2024/01/ftc-says-blackbauds-lax-security-allowed-hacker-steal-sensitive-data-thats-just-beginning-story.

106 Riskrecon, “New Report: Ripples Across the Risk Surface,” Riskrecon by Mastercard, https://www.riskrecon.com/ripples-across-the-risk-surface, accessed February 6, 2025.

107 L. Fair, 2024, “FTC Says Blackbaud’s Lax Security Allowed Hacker to Steal Sensitive Data.”

There are also supply-chain issues in IoT, CPS, and networking infrastructure generally. One example was an attack on small office and home office (SOHO) routers, identified by Black Lotus Labs at Lumen Technology.109 In this case, more than 600,000 routers belonging to a single internet service provider were completely disabled, forcing the entire customer base to have their equipment physically replaced. In other cases, these SOHO routers are not regularly updated or are no longer supported by the vendor so that no security updates are available; the accumulating residue of vulnerabilities makes a perfect platform for attackers to take over infrastructure and use it for botnets or proxying services.

On the one hand, the approach to security vulnerabilities has been to encourage organizations to patch early and often, and preferably automatically. But as these examples show, automatic updates gone wrong can also cause catastrophic events. Victims of attacks and outages are caught in the middle between conflicting imperatives, and the cybersecurity industry owes them a better answer than to say “just patch.”

The recent mandates regarding use of an SBOM can be seen as transforming what is sometimes a full opacity into a kind of “translucency” where some information is provided downstream (i.e., to client users, integrators, and end customers) in order to overcome some of these challenges and, additionally, create some incentives within the supply chain to address security attributes more aggressively. An SBOM, representing something akin to a food ingredient list, can empower organizations to make better procurement decisions, but only when they have feasible alternatives.
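
The hidden-dependency problem and the “translucency” an SBOM provides can be made concrete with a short program. This is an added illustration, not part of the report: it walks a constructed CycloneDX-style SBOM (all component names and versions are invented) to find everything that transitively depends on one small component, and it assumes that a component with no entry under `dependencies` has undeclared dependencies.

```python
import json
from collections import deque

# Constructed CycloneDX-style SBOM; every component name and version is made up.
SBOM_JSON = """
{
  "bomFormat": "CycloneDX", "specVersion": "1.5",
  "components": [
    {"bom-ref": "web-shop", "type": "application", "name": "web-shop", "version": "4.2.0"},
    {"bom-ref": "billing-portal", "type": "application", "name": "billing-portal", "version": "1.9.3"},
    {"bom-ref": "ui-kit", "type": "library", "name": "ui-kit", "version": "7.0.1"},
    {"bom-ref": "http-client", "type": "library", "name": "http-client", "version": "2.3.0"},
    {"bom-ref": "table-render", "type": "library", "name": "table-render", "version": "0.8.4"},
    {"bom-ref": "report-gen", "type": "library", "name": "report-gen", "version": "3.1.0"},
    {"bom-ref": "string-utils", "type": "library", "name": "string-utils", "version": "1.0.2"},
    {"bom-ref": "tiny-pad", "type": "library", "name": "tiny-pad", "version": "0.0.3"},
    {"bom-ref": "vendor-blob", "type": "library", "name": "vendor-blob", "version": "5.5.5"}
  ],
  "dependencies": [
    {"ref": "web-shop", "dependsOn": ["ui-kit", "http-client"]},
    {"ref": "billing-portal", "dependsOn": ["report-gen", "vendor-blob"]},
    {"ref": "ui-kit", "dependsOn": ["table-render"]},
    {"ref": "http-client", "dependsOn": []},
    {"ref": "table-render", "dependsOn": ["string-utils"]},
    {"ref": "report-gen", "dependsOn": ["string-utils"]},
    {"ref": "string-utils", "dependsOn": ["tiny-pad"]},
    {"ref": "tiny-pad", "dependsOn": []}
  ]
}
"""
BOM = json.loads(SBOM_JSON)


def load_graph(bom):
    """Return {ref: set(direct dependencies)} for every ref that declares them."""
    return {d["ref"]: set(d.get("dependsOn", [])) for d in bom.get("dependencies", [])}


def dependents_of(bom, target):
    """Map each component that transitively depends on target to its hop count."""
    reverse = {}
    for ref, deps in load_graph(bom).items():
        for dep in deps:
            reverse.setdefault(dep, set()).add(ref)
    dist, queue = {}, deque([(target, 0)])
    while queue:
        node, hops = queue.popleft()
        for parent in reverse.get(node, ()):
            if parent != target and parent not in dist:  # also guards cycles
                dist[parent] = hops + 1
                queue.append((parent, hops + 1))
    return dist


def path_to(bom, root, target):
    """Shortest declared dependency path from root to target, or None."""
    graph, prev, queue = load_graph(bom), {root: None}, deque([root])
    while queue:
        node = queue.popleft()
        if node == target:
            path = []
            while node is not None:
                path.append(node)
                node = prev[node]
            return path[::-1]
        for dep in sorted(graph.get(node, ())):
            if dep not in prev:
                prev[dep] = node
                queue.append(dep)
    return None


def undeclared(bom):
    """Components with no entry in `dependencies`: still opaque below this point."""
    declared = set(load_graph(bom))
    return sorted(c["bom-ref"] for c in bom["components"] if c["bom-ref"] not in declared)


def impact_report(bom, target):
    """Summarize who is exposed if `target` is compromised or withdrawn."""
    graph, dist = load_graph(bom), dependents_of(bom, target)
    apps = {c["bom-ref"] for c in bom["components"] if c["type"] == "application"}
    return {
        "affected": dist,
        "apps_affected": sorted(apps & set(dist)),
        "apps_with_direct_dependency": sorted(a for a in apps if target in graph.get(a, ())),
        "undeclared": undeclared(bom),
    }


if __name__ == "__main__":
    print(json.dumps(impact_report(BOM, "tiny-pad"), indent=2))
    print(" -> ".join(path_to(BOM, "web-shop", "tiny-pad")))
```

Both applications are affected although neither lists `tiny-pad` as a direct dependency. The report also lists `vendor-blob` as undeclared, so the graph says nothing about what sits beneath it.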

This is, of course, a supply-chain cyber hard problem also affecting hard problems 1, 2, and 3.

Liability

Liability for faulty code or hardware represents a critical and complex issue in cybersecurity. Under “contracts of adhesion” vendors often sell software “as is,” disclaiming responsibility for defects that may lead even to significant breaches or failures. Cyber systems cannot be evaluated based on a quick inspection (like a vacuum cleaner) or even a diligent inspection. Choices for equivalent functionality in other products are often very limited and, as discussed, there is a market failure that does not practically enable consumers to “select the model with the security they want.” Except for copyright and patent infringement and designated systems like medical devices and automotive, or software used in other regulated industries, where limitation of liability is circumscribed by law, most software is marketed with the “understanding” that some level of imperfection is acceptable. Thus “legal” remedies are largely ineffective even with expensive litigation. This becomes particularly problematic in cybersecurity where software faces sophisticated, evolving attackers. The challenge is compounded by the displacement of loss onto consumers rather than the companies responsible for the vulnerabilities.

___________________

108 Ibid.

109 Black Lotus Labs, 2024, “The Pumpkin Eclipse,” Lumen, May 30, https://blog.lumen.com/the-pumpkin-eclipse.

The consequences of faulty code extend far beyond mere inconvenience. Consumers, businesses, and governments all suffer from the fallout of software failures. Establishing liability would incentivize vendors to prioritize security and quality, potentially reducing the frequency and severity of breaches. However, current practices and economic realities pose significant hurdles. Large companies, even after significant breaches, rarely face existential threats, and the costs are often borne by consumers and smaller entities.

Addressing this issue requires overcoming several barriers. First, there is a need for a cultural and operational shift within the software industry. The mantra that “we did the best we could” (even if true) must give way to more rigorous standards and accountability. Introducing liability necessitates robust metrics and frameworks to evaluate software safety and security, akin to those in place for other regulated industries. However, creating these standards is not straightforward. The dynamic nature of software development, coupled with the continuous evolution of threats, makes it difficult to establish a static baseline for safety. Furthermore, the global nature of the software supply chain complicates the assignment of liability, as many stakeholders—from developers to suppliers—are involved in the creation and maintenance of software products.

Potential approaches to this problem include both voluntary and mandatory assessment mechanisms. These standards would need to be continuously reviewed and updated to remain relevant. Another approach is to create a “safe harbor” for vendors who follow best practices, thus incentivizing compliance while recognizing the inherent challenges of achieving absolute security.110

Government agencies can establish and enforce regulatory standards, while industry groups can develop and promote good practices, with incremental adoption. Companies, particularly large enterprises with significant market influence, can lead by example, incorporating security into their development processes and advocating for broader industry changes. Collaboration between public and private sectors is essential to ensure that standards are practical and effective. Although other domains such as medicine and civil and mechanical engineering have successfully employed professionalization standards, the software field generally does not possess the sort of widely accepted, comprehensive principles that the other fields do.111

___________________

110 Lawfare (https://www.lawfaremedia.org/topics/cybersecurity-tech) has a number of relevant notes on this topic.

Success in this endeavor would be indicated by a measurable reduction in the frequency and impact of software-related breaches. Metrics could include the number and severity of vulnerabilities discovered and exploited, time to patch after exploit announcements, the financial and operational damage from breaches, and the rates of compliance under established standards. Ultimately, creating a more secure software ecosystem will require sustained effort and cooperation across the industry, but the potential benefits for all stakeholders make it a goal worth pursuing.

Third-Party Intervention

Most cyberattacks rely on communication over the Internet. The Internet, globally and even within countries, is not owned, operated, or controlled by a single legal or technical entity or by a closed set of governments, major corporations, or technology institutions; nor is it subject to a single set of policies. Rather, the Internet is an aggregate whose owners, operators, participants, and technologies function independently of one another but interoperate. As a result, long before they touch their target networks and endpoints, cyber operations traverse and in some cases leverage infrastructure, technology, and services owned, operated, and offered by different Internet infrastructure providers (IIPs). These companies include (without counting computing hardware companies) operating system developers, cybersecurity firms, Internet service providers, mobile telecommunications companies, cloud and virtual private server providers, content delivery networks, Domain Name System service providers, hosting providers, domain registrars, and a variety of Internet technology platforms, such as browser, e-mail, and search platforms.

These companies see themselves as neutral providers of global Internet services but not as critical infrastructure assets with a key role to play in systemic security and resilience. Although most of these companies invest substantially in cybersecurity measures, and occasionally cooperate operationally to degrade specific threats, they lack regulatory, financial, or other incentives to systematically address malicious actors’ use of their technology and services in cyber operations that do not directly and immediately impact them. Their cybersecurity efforts and cross-company cooperation are further hamstrung by a complex legal, privacy, regulatory, antitrust, government, and business environment.

___________________

111 Circumscribed certifications, like network administration, can be useful but they are scarcely comprehensive.


Internet infrastructure companies have unique (and in many cases the only legal) vantage points to observe attacks and detect and frustrate malicious cyber activity on a systematic, nationwide basis (and, for some of the large IIPs, even globally). If these entities were to take on the responsibility of discovering and limiting malicious cyber activities and implement successful regimes to do so, malicious actors’ ability to conduct cyber operations against U.S. targets would be substantially attenuated. Coordination across providers is required because attackers straddle their infrastructure across multiple providers for survivability against takedowns.

There have been several attempts at private-sector coordination (with or without U.S. government participation), primarily at the threat information sharing (TIS) level, over many years. Perhaps the biggest inhibitors to such coordination and threat information sharing revolve around liability concerns and the lack of a business case. While setting industry-wide standards and the exchange of best practices is non-controversial, the (at best) federated nature of the infrastructure landscape means that operational coordination that leads to systemic action (e.g., coordinated takedowns of malicious infrastructure) is the exception rather than the norm, and only occurs as a knee-jerk reaction to high-visibility events. Therefore, in practice, most coordination has taken the form of TIS. This need not be a handicap, if the information exchanged is accurate, timely, and conveys sufficient context to provide the necessary confidence so each participant can take action. Unfortunately, that is typically not the case, and critical information is often missing due to lack of collaboration across key industry verticals.

One of the potential liability concerns expressed is that TIS represents or can lead to collusion between companies (creating the perception of collusion to the public and to regulators), leading to privacy and antitrust concerns (and associated litigation). Making the government part of any threat information sharing arrangement focused solely on technical factors is one possible approach, but for the global firms, there will also be concerns about other countries’ reactions to such direct U.S. government participation. The most common liability concern comes from actions following high-profile attacks. All such incidents have been accompanied by various types of litigation, including litigation by different agencies of the U.S. government. For companies, the most damaging form of litigation alleges “willful neglect,” meaning the commercial entity knew or should have known about the specific problem but failed to act. This creates a perverse incentive for a deliberate lack of knowledge in some area as a cost-effective form of liability protection. There will be no long-term continuous incentive for TIS or any other meaningful collaboration without addressing these concerns.

There are at least four different concerns over liability: customer and third-party impacts; notification shortfalls; regulatory fines; and civil and class-action lawsuits. In many cases, this involves different agencies such as the Department of Justice, the Securities and Exchange Commission, the Federal Trade Commission, the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA); and, in certain cases, the Department of Defense. While CISA has made progress with information sharing, the fear of liability still exists because it is not possible for CISA to fully protect companies reporting a breach from litigious actions taken by other government agencies due to different authorities and regulations. In addition, CISA cannot protect companies from civil lawsuits from other companies, customers, and third parties.

Accordingly, and starting from a recognition that its greatest strength is as a convener for collaboration on a technical level, the U.S. government could provide a safe, non-litigious forum for technical collaboration and data sharing without fear of liability from both the U.S. government and private industry, perhaps after the model of the Information Sharing and Analysis Centers.112 Such a forum would create potential for end-to-end visibility across the domestic Internet infrastructure. Such a forum could be coordinated with the U.S. Cyber Command, and potentially be tipped by the Intelligence Community—but, critically, it should not be used as a source for data by the latter. To the extent that technologies for private TIS exist or can be developed, they will play a significant role in countering narratives of collusion and negative public perception.

One option is to require all companies over a certain size to have cybersecurity insurance—and allow companies to work together to bundle end-to-end coverage to further sharing of information. This also creates the incentive for companies to follow standards and adopt technologies for lower insurance rates. Working through the insurance providers may be a more tractable proposition. However, cyber insurance coverage is very limited and, for all the reasons mentioned earlier, insurance companies themselves are in no position to judge the security of the systems they insure. Careful mechanism and incentive design are needed to avoid simply transferring the intractable problem from the company to an insurance firm.

Individuals and organizations have a legal right to pursue those who violate their service agreements in civil courts. Creating a special cyber court and providing it with the necessary technical resources to fully pursue cyber criminals and threat actors (even nation-state sponsored ones, to the extent that it is not desirable to treat these as an act of war) may be appropriate given the technical understanding required by the U.S. government and all parties.

Another option is to create a “cyber fire department,” with broad authority to act on third-party, including private, cyberinfrastructure. This could be operated by the U.S. government, by contracted private entities, or in a federated or localized manner to reflect constraints of specific sectors, geographical areas, or other considerations. It is almost certain that significant new authorities conferred by legislation (including limited liability waiver) would have to be granted to such an entity.

___________________

112 National Council of ISACs, “Information Sharing and Analysis Centers (ISACs),” https://www.nationalisacs.org, accessed February 6, 2025.

Ultimately, if the United States wishes for the Internet infrastructure providers to play better defense, it will have to either create the right financial incentives for markets to value security more than they currently do, or directly pay for such better practices. Tax credits, bounties, fees on connectivity bills, security investment programs through the Small Business Administration, and subsidized cyber insurance (combined with heightened terms and conditions for such policies) are only some of the ways such financial support can be extended.

Next Chapter: 5 Toward Community Coordination and Progress