New CNAS Report Calls for a “Cyber Shield” to Meet Rising Threats in the Indo-Pacific

Washington, June 24, 2025 — Today, the Center for a New American Security (CNAS) released a new report, Cyber Crossroads in the Indo-Pacific, by Vivek Chilukuri, Lisa Curtis, Janet Egan, Morgan Peirce, Elizabeth Whatcott, and Nathaniel Schochet.

The report provides an in-depth assessment of how the United States and its Indo-Pacific allies and partners are navigating a cyber landscape that has grown more varied, volatile, and dangerous than ever. Drawing on over a year of research and expert workshops in Japan, South Korea, Taiwan, and the Philippines, the report explores rising cyber threats from the People’s Republic of China, North Korea, Russia, and a growing network of cybercriminals and hacktivists for hire. It also includes in-depth examinations of cyber threats, policies, personnel, and partnerships in each country.

The report urges U.S. policymakers to embrace a more ambitious framework for Indo-Pacific cyber defense and cooperation through a new “Cyber Shield” to strengthen joint resolve, response, and resources. Without a new approach, the report warns that U.S. aspirations for deeper economic, military, and intelligence partnerships in the Indo-Pacific will run headfirst into the reality of rising cyber threats and uneven cyber personnel, policies, and practices. To close the gap, the report offers both cross-cutting and country-specific recommendations to strengthen cybersecurity and resilience across the Indo-Pacific.

Recommendations for the United States:

• Launch a “Cyber Shield” for Indo-Pacific treaty allies to strengthen joint resolve, response, and resources to defend against malign cyber actors;

• Significantly expand military cyber engagement and capacity building through the five component commands in the Indo-Pacific;

• Clarify legal and policy frameworks to facilitate expanded Hunt Forward and Defend Forward operations in the Indo-Pacific;

• Preserve and strengthen the State Department’s Bureau of Cyberspace and Digital Policy (CDP), ensuring sufficient staff and designating the CDP as the principal coordinator for all civilian cyber engagement and capacity building with allies and partners;

• Develop a unified strategy for promoting secure and resilient information and communications technology (ICT) infrastructure in the Indo-Pacific, drawing on the full range of U.S. government tools; and

• Scale joint military cybersecurity cooperation with Taiwan, including through Hunt Forward operations, consistent with new authorities in the fiscal year 2024 National Defense Authorization Act.

Recommendations for Japan, South Korea, Taiwan, and the Philippines:

• Mandate adoption of cybersecurity best practices across government, such as multifactor authentication and prohibitions on the use of personal devices;
• Prioritize cybersecurity through increased defense spending, with investments to modernize legacy information technology infrastructure, boost threat detection and offensive capabilities, and acquire cutting-edge artificial intelligence (AI) and cloud-based cyber defenses;

• Deepen partnerships with local and foreign technology companies to benefit from broader threat data and best-in-class capabilities;

• Clarify legal and policy frameworks to allow forward-deployed teams from U.S. Cyber Command, enabling more Hunt Forward and Defend Forward operations;

• Develop integrated strategies to counter malign foreign influence that combine intelligence, cyber, diplomatic, and economic tools;

• Establish clear and uniform skills and competencies for cybersecurity roles in government, aligning wherever possible with private sector certifications;

• Leverage AI tools to boost productivity of limited cybersecurity workforces;

• Develop strategies to transition from compromised ICT hardware, software, and infrastructure produced by vendors linked to foreign adversaries; and

• Encourage businesses to adopt Secure by Design and Secure by Default principles.

The report concludes that strengthening cybersecurity across the Indo-Pacific will require sustained investment and political will. While the challenges are significant, they are surmountable with deepened cooperation among like-minded partners. The future of regional cyber stability remains uncertain, but the window for action is now.

The full report can be read here.