Establishing norms for shared global common goods and tackling common challenges has long been a concern in international relations, largely because doing so is in tension with the traditional view of state sovereignty. For example, sustainability concerns and maritime competition challenged the unrestricted freedom of the seas while the rise of nuclear weapons created an urgent security threat that demanded global norms. In each of these cases, collaborative efforts were undertaken to establish regimes and common principles that would ease tension and increase the likelihood of peace.

This week the Treasury Department released new regulations that represent the tip of the spear in American efforts to maintain its technological and geopolitical leadership. Two years ago, Congress granted a little-known government interagency body called the Committee on Foreign Investment in the U.S. (CFIUS) new powers through the creation of the Foreign Investment Risk Review Modernization Act (FIRRMA). Amid intense coverage of domestic and international crises, the public can be forgiven if these regulations aren’t front of mind. Yet, attention should be paid because the impact of this law – which comes into full effect on Feb. 13 – will be far greater than the law’s anodyne acronym suggests.

On Monday, congressional leaders announced that their government-wide spending bill for fiscal year 2020 will include $425 million for states to protect U.S. elections against foreign interference and cyberattacks.

This is an important, if overdue, step in the right direction. But our election systems need far more than a one-time rescue mission. To secure American elections in 2020 and beyond, Congress and the local election officials who will soon receive these funds must treat them as a starting point.

As the Senate Judiciary Committee prepares to hold its latest hearings on encryption Tuesday morning, I am reminded of an article I wrote four years ago cautioning America’s leaders against making technology and security policy decisions for short-term gains without considering the second- and third-order implications down the road.

Imagine that there was only one lightbulb manufacturer in America. What would be the result? Lightbulbs are, after all, an essential component of American life. Without them, we all live in the dark.

We might expect the sole maker of lightbulbs to charge very high prices for its essential product—but let’s leave aside those sorts of anticompetitive pricing issues. The more significant issue, from the perspective of national security, is that the entire U.S. population would be at risk if that one manufacturer failed. The failure might be the result of malice, theft or accident. Whatever the cause, the results would be catastrophic.

Last month we observed the solemn 18th anniversary of the terrorist attacks of Sept. 11, 2001. We have made significant strides since then in securing our nation against large-scale terrorist attacks from foreign groups like al-Qaida. We have established a Department of Homeland Security; strengthened aviation and infrastructure protections; constructed an integrated intelligence apparatus; and struck strong blows against terrorist enclaves overseas.

This work must continue as ISIS, al-Qaida and other extreme violent Islamist organizations seek to regroup. But we must recognize that in the past two decades, the threats of terrorism and mass violence have metastasized. We have seen the emergence of new strains of ideologically motivated terrorism and targeted mass violence, much of which is launched by domestic actors.

Nearly 18 years after the Sept. 11 terrorist attacks, three former secretaries of Homeland Security gathered at ground zero on Monday and pressed the government to prioritize cybersecurity risks as one of the top threats to the United States.

Janet Napolitano, who led the Department of Homeland Security under former President Barack Obama, urged officials to apply greater creativity to cybersecurity in an effort to avoid the failure of “imagination” that the 9/11 Commission said might have prevented the 2001 airliner attacks.

Workplace violence is on the rise. In May, there was an active shooter event in Virginia Beach, where a disgruntled city employee murdered 12 of his co-workers. In May, as well, another school shooting occurred in Colorado, not far from where the infamous Columbine shooting took place in 1999. As the debate for sensible gun-control continues, gun laws alone will not stop the next massacre, particularly for those already intent on causing harm.

Scammers impersonating the Internal Revenue Service are emailing individuals malware to steal information, marking an escalation compared with recent schemes that used the agency in less sophisticated attacks.

The latest scam emails include links that appear similar to the IRS.gov web address but lead to compromised websites that could download software to record a victim’s keystrokes, potentially sharing passwords and other sensitive data with attackers, the IRS warned last week.

When it comes to falling prey to a phishing email scam, one study found that those working in certain industries are more likely than others.

A study released this summer by KnowBe4 found that those who work in construction are the most susceptible to phishing attacks among small-to-medium-sized businesses and the second-most likely to fall for a phish among large corporations. Workers in the hospitality industry were most likely in the large business category.