NEWYou can now listen to Fox News articles!

Why hasn’t cyber figured more prominently in Russia’s war on Ukraine? Russia is, after all, a powerhouse in this area having successfully cyber-attacked Estonia in 2007, Georgia in 2008, and Ukraine in 2015-2016. Add to that an unexpectedly difficult start to the current, long-planned campaign against Ukraine and the question becomes even more perplexing. Analysts have many and varied views on the matter and recent reporting has laid out almost a dozen different potential explanations. Some suggest there is no need to go there, and that the possible downside outweighs any upsides. Others suggest that Putin may still go there - just not yet.


The latter explanation is compelling if only because it requires us not to let down our guard and to continue marching forward on plans to expand and deepen America’s own cyber resilience posture and abilities to withstand cyber and electronic warfare. The good news is that certain key sectors that represent critical infrastructure and support vital national functions have been enhancing their defenses for years. Think financial services and energy for example. 

The bad news is that other equally important sectors are nowhere near as prepared. Think water - which is working to up its game but is nowhere near where it needs to be as the recent spate of ransomware has made clear. And this is the state of play among the big dogs. Yet the U.S. is an incredibly target-rich environment for any adversary because of the sprawling decentralized nature of both its public and private sector. Put differently: Small and medium size enterprises are not outside the crosshairs. 


Officials have been working hard to raise awareness and offer assistance to both public and private entities that may not have the resources or ability to properly protect themselves on their own in the current climate that is so rife with potential cyber threats. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (better known as CISA) has been doing yeoman’s work in this area. But the scope of the challenge is enormous.

So where should we go from here? We must better marshal our efforts so that the piecemeal and uneven progress that has been made to date becomes a more streamlined national effort that makes it far harder for any adversary to achieve its ends. Having a National Cyber Director (NCD) to act as coordinator and definitively take point on the all-important task of prioritizing our game plans and facilitating their execution in a way that ensures that they will be more than just the sum of their parts is a true step forward. 


But the NCD will not be able to go it alone. Public and private efforts must cohere and partnerships must be more meaningful than ever before. It’s a tall order but the Joint Cyber Defense Collaborative (JCDC) under CISA auspices is a powerful tool that could rise to the challenge if all stakeholders determinedly make that their mission. Among its payoffs could be better situational awareness than the nation has ever had - and coordinated operations that give bad actors a serious run for their money. 


Ukraine Zelenskyy

Ukrainian President Volodymyr Zelenskyy  addresses the nation in Kyiv, Ukraine. (Ukrainian Presidential Press Office via AP)

We may not yet be where we need to be, but we can’t take our eyes off the ball. So far the conflict in Ukraine may not have unfolded exactly as Russia thought it would; but these are still early days in what is likely to be a long and punishing war. Longtime expert Putin-watchers underscore that he may lash out further should he feel cornered. He has already made an implied threat concerning the use of nuclear weapons. And now Russian forces claim to have taken over a nuclear plant in Ukraine - the largest such plant in Europe.


What comes next is anybody’s guess. But forewarned is forearmed. Let’s push down the path to better preparedness as fast and hard as we can so that we don’t end up regretting that we missed our chance to do so. 

Frank J. Cilluffo, is director of Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security. Sharon L. Cardash is the McCrary Institute’s deputy director for policy.