The idea that the U.S. federal government could play a dominant and effective role in protecting the nation from malicious cyberattacks on everything from Internet of Things (IoT) devices to critical infrastructure to election voting systems might strike some people as absurd.

Its catastrophic security failures are well known.

• The Office of Personnel Management (OPM) couldn’t protect the personally identifiable information (PII) of more than 22 million current and former federal employees.
• The National Security Agency (NSA) couldn’t protect its own stash of so-called zero-day vulnerabilities that it hoped to use to spy on, or attack, hostile nation-states or terrorist groups. Instead, the stash ended up in the hands of WikiLeaks.