America’s botched response to the coronavirus pandemic is a warning that, unless our broken political and administrative systems are fixed, the country could experience a similar breakdown in future national crises, such as a massive cyberattack.

This stark message was contained in a little-noticed white paper recently released by the bipartisan Cyberspace Solarium Commission, titled “Cybersecurity Lessons From the Pandemic.” As the paper highlighted, the covid-19 outbreak has been a stress test for our national crisis-management system — and that system has, to a frightening extent, failed. The challenges of a cyberattack would be even greater.

Sen. Angus King (I-Maine) and Rep. Mike Gallagher (R-Wis.), the panel’s co-chairs, describe the disorganized response to covid-19 this way: “The pandemic produces cascading effects and high levels of uncertainty. It has undermined normal policymaking processes and, in the absence of the requisite preparedness, has forced decision makers to craft hasty and ad hoc emergency responses.”

President Trump’s chaotic and sometimes counterproductive personal management of the covid-19 crisis has underlined the need for clear executive authority that can coordinate different federal agencies and state and local responders. Trump dismantled or disdained the management tools that might have been useful — and seemed to develop a love-hate relationship with experts who could have helped frame a coherent response, such as Anthony S. Fauci, the director of the National Institute of Allergy and Infectious Diseases.

This problem of coordinating the executive branch in a national crisis was the centerpiece of a report issued in March by the Cyberspace Solarium Commission. The group brought together Congress, the executive branch and private experts to recommend how to cope with the threat of a crippling cyberattack. As the report was released, covid-19 was beginning to spread in the United States, and I wrote that the pandemic was a foretaste of what we’d experience in a debilitating cyberattack. Now, after three months of White House missteps, the commission’s findings are even more relevant.

The commission’s marquee proposal was to create a national cyber director as the president’s chief adviser on cybersecurity and related issues. This cyber czar, confirmed by the Senate, could pull together a coherent, whole-of-government response, which has so far been lacking with covid-19.

Nearly 6 in 10 Americans who are working outside their homes are concerned that they could be exposed to the virus at work and infect their families. (The Washington Post)

The commission’s recent white paper amplified this recommendation: “In confronting COVID-19 and other catastrophes, it is imperative that the executive branch be guided by strong leadership, including subject matter experts who are sufficiently empowered to coordinate, plan, and prepare for a crisis response well ahead of disruptive events.”

Part of the problem with our covid-19 response is specific to Trump, who seems to view unpredictability and lack of planning as positive management tools. But another president, with better management skills, would still face bureaucratic blockages that are endemic to our system. White House coordinators similar to the proposed cyber director — the U.S Trade Representative, say, or the Office of Science and Technology Policy — struggle in any administration to frame coherent government-wide policy, as noted in a recent Lawfare essay by Mieke Eoyang and Anisha Hindocha.

Better executive-branch coordination will require breaking through bureaucratic logjams and entitlements; no federal agency likes to give up control. But with complex subjects such as public health or cybersecurity, the lines of authority must be clear in advance. Otherwise, it’s too late.

The mismanaged U.S. response to the pandemic contrasts with other nations’ well-organized public health measures. It’s almost as if there’s a competence gap, with the United States stepping back from sound policy and global leadership. Trump’s decision last month to leave the World Health Organization amid the pandemic is a disturbing example.

Trump’s disdain for multilateral organizations is an unfortunate trademark of his presidency, evident in his policies on climate change, trade and defense. This global retreat seems to be affecting cybersecurity policy, too. Russia is pushing aggressively for a new United Nations framework on cybercrime that would — surprise! — benefit Russia, China and other authoritarian states. The United States is mostly watching from the sidelines.

Russia’s campaign for a new U.N. cybercrime treaty rolled forward this month toward a meeting of an ad hoc “expert group” scheduled for August, with the United States meekly advocating a “fair, transparent process” and “neutral leadership.” Meanwhile, in another U.N. forum, Russian representatives savaged as “illogical and contradictory” efforts to apply international human rights law to cyberspace.

In the shadow of the pandemic, it’s clear how unprepared we are for a disabling attack, carried by viral disease or viral malware. And the awful truth is that we don’t seem to have learned much yet from our mistakes. Sensible policies are available, but they won’t work unless America recovers its balance and finds good leadership.

Read more: