The study, prepared by the Cyberspace Solarium Commission, said that a major cyberattack on the nation's critical infrastructure and economic system would create chaos and lasting damage exceeding that wreaked by fires in California, floods in the Midwest, and hurricanes in the Southeast.

Commission co-chair . Mike Gallagher said he report was like doing the 9/11 Commission before 9/11 happens. We want to avoid that situation.

Senator Angus King added the US does not have an effective deterrence policy in place to discourage hostile cyberattacks. "We are getting killed by a thousand cuts", he said.

The Cyberspace Solarium Commission was established by the 2019 defense appropriations law and named after a Cold War-era project that offered recommendations for forestalling nuclear war.

Its report proposes a broad strategy of "layered cyber deterrence" pursued by a reorganized federal cyber defense framework with new permanent select cybersecurity committees in both houses of Congress, a Senate-confirmed National Cyber Director, and a Cyber Bureau at the State Department.

The report also calls for establishing a Cyber Response and Recovery Fund, a National Cybersecurity Certification and Labeling Authority, a Bureau of Cyber Statistics, a national privacy and data security law, enhanced election security measures, and formal classifications for "systemically important critical infrastructure".

Unfortunately for the Commission, President Donald Trump has shown little enthusiasm for long-term planning and risk mitigation efforts. It cut its top cybersecurity coordinator position in 2018. But bipartisan interest in Congress remains high, and the Cyberspace Solarium report gives future executives a template for action.