Government security , Incident Response , Data Security Recovery is the new cyber deterrence May 18, 2026 Share By Cory Simpson America has spent decades building its cyber defenses based on a familiar assumption: If we can stop a breach , we can protect the mission. Today's threat environment demands a broader test of cyber power: how quickly the United States can recover when the mission is under attack. Nation-state adversaries, especially the People's Republic of China , are positioning themselves to hold U.S. systems at risk, disrupt continuity, and create cascading effects during a crisis. They understand that data drives command decisions, logistics, intelligence, public services, emergency response, and critical infrastructure operations. When data becomes inaccessible, corrupted, or slow to restore, then disruption becomes a strategy. The National Defense Data Resilience Act , introduced by Representatives Suhas Subramanyam (D-Virginia) and Dr. Rich McCormick (R-Georgia), begins where the stakes are highest: the Department of Defense (DoD). The bill would require DoD to identify mission-critical data, establish mandatory recovery time objectives, deploy modern recovery capabilities, test those capabilities against realistic nation-state scenarios, and report the results to Congress. The bill reflects the principle that should guide the next phase of federal cybersecurity: Resilience depends on recoverability. Congress should make recovery a measurable requirement, starting with DoD, and establish a standard to sustain mission continuity across the federal enterprise. The strategic gap is recovery Federal cybersecurity policy has long emphasized defensive tools like firewalls, endpoint protection, network monitoring, and other capabilities designed to detect and stop intrusions. Modern cyber resilience requires an equally disciplined approach to recovery. Advanced persistent threats can dodge defenses, move laterally , corrupt data, and target critical recovery systems. The ability to rapidly recover mission-critical data is a core measure of national preparedness. Recovery Time Objectives (RTOs) provide that measure. They specify how quickly systems and data must be restored after a disruption. For federal agencies responsible for national security and public safety, RTOs should be treated as operational requirements tied to readiness, testing, investment, and accountability. Federal recovery expectations remain fragmented and uneven. Agencies may maintain backups, disaster recovery plans, or continuity procedures, but the federal enterprise needs enforceable standards that address destructive cyberattacks, compromised backups , data corruption, and adversaries already present in sensitive environments. The next phase of federal cybersecurity should build the same level of maturity in mission recovery . What H.R. 8710 would require The National Defense Data Resilience Act makes recoverability an operational requirement. The bill directs the Secretary of Defense to designate DoD data as critical, important, or necessary and to establish mandatory RTOs based on data type and threat exposure. Critical data would receive RTOs within 180 days of enactment; important and necessary data would receive RTOs within 270 days. The bill also shifts recovery from planning to performance. DoD would be required to field recovery capabilities for critical data within 180 days and for important and necessary data within 270 days. These capabilities must prioritize critical services supporting national defense, maintain continuous monitoring for unauthorized changes, prevent tampering, support secure restoration, and operate within architectures isolated from production environments. Testing and oversight are central to the framework. H.R. 8710 requires annual exercises that simulate nation-state cyberattacks and audits that mimic adversary tactics, techniques, and procedures to validate whether DoD elements can meet their recovery objectives under realistic threat conditions. The Department would also submit annual auditable recovery certification reports to the congressional defense committees . That is the substance of the bill. It treats recovery as a tested capability, tied to data criticality, mission risk, and congressional oversight. It gives DoD a practical way to measure whether it can restore what the mission depends on when data is lost, degraded, or destroyed. DoD should set the federal standard DoD is the right starting point. Its missions depend on trusted data, available systems, and the ability to operate under pressure. Defense data supports command decisions, logistics, intelligence, weapons systems support, and the confidence leaders need during a crisis. The same logic applies across the federal enterprise. Civilian agencies manage public health systems, emergency response functions, financial operations, and critical infrastructure dependencies. Each depends on data that must remain available, accurate, and recoverable under stress. A recovery standard built for DoD can serve as a model for sustaining mission continuity across government. A government-wide approach should standardize recovery expectations, improve coordination during cross-agency incidents, and strengthen public trust in continuity during crises. In a coordinated cyber campaign, adversaries will seek to trigger cascading effects across military, civilian, and critical infrastructure systems. The federal government should be prepared to restore essential data and sustain operations at the speed national resilience requires. Recovery changes the adversary's calculus Recovery changes the value of an attack. When adversaries believe that disruption will be prolonged, recovery slow, and essential functions degraded for the long term, they gain leverage. When the United States can restore mission-critical data, sustain operations, and continue the mission under pressure, that leverage diminishes. Cyber deterrence depends on convincing adversaries that their attacks will fail to achieve their strategic objectives. In the cyber domain, that requires robust defenses and the ability to recover quickly, with confidence and discipline. Congress should pass H.R. 8710 and make recoverability a national security standard. The United States needs a federal cyber posture built for continuity under attack, and DoD should lead the way. Cory Simpson Cory Simpson is a national security and cybersecurity executive with more than two decades of experience across government, elite military organizations, and the private sector. He leads DC-based organizations that bridge policy and technology, often advising companies across the tech ecosystem—including competitors—to advance modernization, strengthen security, and serve the American people. Related Critical Infrastructure Security IBM executive floated for CISA director as concerns persist for agency Steve Zurier May 18, 2026 Cybersecurity leaders warn weakened CISA could hurt AI-era defense and threat response. Government security U.S. officials discard items from China trip over security concerns SC Staff May 15, 2026 During a high-level meeting between U.S. officials, including Trump, and the Chinese government led by President Xi Jinping, U.S. personnel were instructed to leave behind items such as burner phones and gifted lapel pins. Government security Virginia man found guilty of destroying government databases after being fired SC Staff May 11, 2026 The incident occurred on February 18, 2025, shortly after Sohaib Akhter and his twin brother, Muneeb Akhter, were fired by their employer, a company that serviced over 45 federal agencies. Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Bit Block Cipher Byte Ciphertext Computer Emergency Response Team (CERT) Cryptographic Algorithm or Hash Data Aggregation Data Encryption Standard (DES) Digital Signature Stimulus You can skip this ad in 5 seconds