A new front has opened in American national security. It is being fought in cyberspace, and private businesses in critical industries like energy, healthcare, water and financial services are on the frontlines.  

This was the message delivered by Congressman Mark Green (R-TN-7) and Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency (CISA) at a business roundtable in Nashville, Tennessee, this week. I was privileged to attend, along with other business executives, to discuss the cybersecurity challenges we face from nation-state attacks. A primary theme was how the U.S. government can assist businesses to defend and secure their networks against these attacks.  

Chairman Green and Director Easterly summarized the following ways the U.S. government can assist businesses in addressing their cybersecurity needs.  

Increasing the cyber workforce 

According to a recent Congressional hearing, there are nearly 500,000 vacant cybersecurity jobs in the U.S., which is a critical vulnerability to our national security. Chairman Green discussed the need for creating a federal pipeline of cybersecurity talent by incentivizing public service that could then lead to the needed talent for the private sector. Likewise, CISA highlighted the need to prioritize hiring for cyber skills, knowledge, and capability over less-relevant educational requirements that often discount many qualified applicants.  

Streamline government regulation 

Chairman Green and Director Easterly were eager to hear from the business leaders on repetitive and burdensome regulatory reporting requirements. Many industry representatives shared how these well-intentioned regulations have the unintended consequence of diverting companies’ staff time and resources from protecting organizations against cybersecurity attacks. Chairman Green discussed his efforts in Congress to ensure that no new duplicative reporting requirements were added to businesses.  

Incentivize for Secure by Design 

Earlier this year, CISA announced “Secure by Design” commitments from software manufacturers who will build security directly into their software design. Director Easterly discussed how this pledge is a significant shift in cybersecurity risk for software, which in the past prioritized being the first to market or distinguishing features over security. I was proud to be the first CEO to sign this pledge, committing Ivanti to principles, standards and actions that will help us further elevate the security of our products and better protect our customers.  

Globally, organizations are facing cybersecurity threats that threaten to disrupt day-to-day operations and endanger national security. The challenges that businesses and governments face to keep their products and networks secure are significant and consistent.  

I am confident, however, that through collaboration between the public sector and private industry, we can create a stronger business environment that is secure and continues to lead the world in technological innovation.