Cybersecurity Strategy: A Primer for Policy Makers and Those on the Front Line

The Internet seems to offer the promise of everything to everyone. For global and local business, it lowers costs while increasing innovation, invention, effectiveness, and efficiencies. For wealthy and poor economies alike, the Internet greatly expands markets for products and services. For peoples free and repressed, it provides an inlet and an outlet of expression. For large and small communities, whether living in urban centers or outlying regions, the Internet enables control over critical power, transportation, water, and sewerage systems.

Lest we forget, for sophisticated criminals, terrorists, warmongers, and spies, the Internet also offers the chance of a lifetime to cheat, steal, and strike from afar with little money, covered tracks, and enormous real world impact. While the ability to use the same technology for positive or destructive ends is neither new nor momentous, it is necessary to consider whether the rapid adoption of the Internet has provided so considerable an asymmetric advantage to our adversaries that it can change the course of American history. In this regard, when we consider the intent and capabilities of our enemies, we cannot underestimate them or, as the 9/11 Commission found in a different context, suffer from failures in imagination, policy, capabilities, or management.

Thus our future remains uncertain. Based on our increasing reliance on networks to drive our economy and support our health, welfare, communications, and security, certain questions loom large. For example, can our enemies control whether, how, and when our systems operate and our vital services get delivered? Are our personal and business records, corporate intellectual property, and state secrets routinely exposed or imperceptibly altered?1

Unfortunately, the answers to these questions not only remain unknown, they perhaps are unknowable. Therefore, it is difficult to provide our nation’s government leaders, corporate executives, shareholders, and citizens with reasonable assurance that our computer systems have not been…

Leave a Reply

Your email address will not be published. Required fields are marked *