International cyber forces face challenges in managing global supply chains

In the ever-evolving landscape of cybersecurity, the actions and capabilities of nations have become a significant factor in shaping the digital world. The Belfer Center's cyber power ranking sheds light on the dominant players, with the United States taking the top spot, followed closely by China, the U.K., and Russia.

The ranking, however, is not solely based on adversarial activities like the SolarWinds or Microsoft Exchange hacks. Instead, it encompasses a nation's commercial activities, defence capabilities, offensive and intelligence prowess, and adherence to norms. For instance, China ranked high for commercial activities, while Russia took the lead in surveillance activities.

The U.S., under President Joe Biden, is seeking to strengthen its cybersecurity posture further. Chris Inglis, Biden's pick for national cyber director, has expressed a desire to see Congress adopt more of the Cyberspace Solarium Commission's recommendations that bolster contributions to the private sector. The federal government is already including the private sector in its cybersecurity plans and investing in next-generation technologies.

However, the challenge lies in ensuring the trustworthiness of these partnerships. Rep. Mike Gallagher, R-WI, and Suzanne Spaulding have advocated for a "buy ally" framework to build a trusted supply chain. This framework aims to foster relationships with reliable partners, with funding and investments in allies being crucial for understanding what makes a partner trustworthy.

The nature of adversarial nations like Russia presents a unique challenge. Russia's intentions, according to the Belfer Center's research, typically fall in line with trust erosion. They are known to undermine trust-based systems used domestically and abroad, using disinformation campaigns or corrupting software updates. Retired Gen. Keith Alexander stated that the U.S. is not prepared enough to act offensively in cyberspace.

As private industry becomes increasingly intertwined with geopolitics via cyber, governments will have to balance national security, business continuity, and intellectual property protection. In the words of Chris Inglis, the government should have "its own house in order" while increasingly engaging with private industry.

In conclusion, the cybersecurity landscape is a complex and dynamic one. The dominant cyberpowers, including the U.S., China, Russia, Israel, and the U.K., are continuously shaping this landscape, and the need for a trusted supply chain and balanced engagement with the private sector is more crucial than ever.