en Easterly is optimistic about the state of America’s cyber defenses, she tells Ian Bremmer on the GZERO World podcast. As director of the US Cybersecurity and Infrastructure Security Agency, she is tasked with defending the country from all cyber threats, foreign and domestic, at a time when the stakes are very high. The next decade will be a turning point in the global cyber arms race. From Russian-backed ransomware attacks against America’s largest oil pipeline to the phone scammer who won’t leave you alone during dinner, we’re living in a brave new world.
While Russia is the more urgent cyber threat, says Easterly, China could do more damage in the long term. As for non-state actors like ISIS carrying out major cyberattacks, there is "low probability, but high impact.” The bigger problem, she adds, may be nations that use cyber to do somewhat lawful things like collecting intelligence, but then use such practices for nefarious purposes. The US government has finally gotten serious about protecting itself from cyberattacks, but still needs cooperation from the private sector to drive down risk to the nation, Easterly explains, noting that the Cyber Incident Reporting for Critical Infrastructure Act will now require whoever operates critical infrastructure to report attacks coming from state and non-state actors.