![](https://fas.org/wp-content/uploads/2023/04/14d834_67736f2bc2464e179f64fafa39b633de-mv2-scaled.jpg)
Using “Wargaming” to Evaluate Manufacturing Cyberthreats and Ensure Supply-Chain Cybersecurity
Summary
Small to medium-sized manufacturing (SMM) companies are the backbone of the U.S. industrial base. However, they do not have the financial or technical resources needed to protect themselves from cyberthreats such as computer hacking, embedded malicious software, and “internet of things” sensors sending sensitive information to foreign counties. These cyberthreats can cause huge damage to the U.S. economy and national security. With relatively limited investment, cybercriminals can disrupt critical supply chains, damage key sectors, and delete or corrupt important information resources.
The Biden-Harris administration should address these threats through a government-industry partnership that uses “wargaming” analyses — i.e., virtual techniques to model and assess threats — to evaluate manufacturing cyberthreats and test strategies for ensuring supply-chain cybersecurity. As part of this partnership, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) should implement a pilot program to spread robust and scalable cybersecurity best practices throughout manufacturing-based supply chains. Coordinating the resources and expertise of other federal agencies — including the Nuclear Security Enterprise (NSE), the Department of Defense (DOD) Digital Manufacturing Institute (MxD), the National Institutes of Standards and Technology (NIST) Manufacturing Extension Partnership (MEP), and the DOD Cybersecurity Maturity Model Certification (CMMC) program — with the resources and expertise of external entities (e.g., academic institutions) will enable the administration to become more proactive in anticipating and neutralizing cyberthreats, thus enhancing the stability and security of U.S. manufacturing supply chains.
Congress should foster a more responsive and evidence-based ecosystem for GenAI-powered educational tools, ensuring that they are equitable, effective, and safe for all students.
Without independent research, we do not know if the AI systems that are being deployed today are safe or if they pose widespread risks that have yet to be discovered, including risks to U.S. national security.
Companies that store children’s voice recordings and use them for profit-driven applications without parental consent pose serious privacy threats to children and families.
Privacy laws are only effective if they include civil rights protections that ensure personal data is processed safely and fairly regardless of race, gender, sexuality, age, or other protected characteristics.