Chapter 5 - Reinventing Cybersecurity: A Strategic Partnership Approach


Chapter five explains how government and industry can, working together, create a more robust, modern, and comprehensive defensive structure. For years, numerous cybersecurity policy commissions and task forces have proposed reforms (many quite similar) most of which have not been implemented in part because once the policies are recommended there is no structural mechanism to direct an overarching digital strategy.  The USG needs to go through a process of digital transformation and adapt structural reforms modeled on those developed and evaluated by the private sector. In addition to policy reforms, which are discussed in the next chapter, structural reform is required such as the creation of a new White House Office of Digital Strategy and Security (ODSS) which would have a far broader mandate than the current Office of the Cybersecurity Director. The ODSS would be charged with developing a full digital strategy for the USA, including but not artificially limited to cybersecurity. The US also needs to leverage empirically proven management techniques with the unique and powerful advantages western democratic norms and market economies. This would include adapting Principles for strategic cybersecurity developed the National Association of Corporate Directors.  These principles have been independently assessed by PWC and shown to generate improved cyber risk. Management, better alignment between cybersecurity and overall mission objectives and encouraging a culture of security.  The ODSS would also utilize enhanced partnership models for cybersecurity such as those studied cooperatively by DHS and the IT Sector Coordinating Council which were shown to increase both engagement and effectiveness.  Additional structural reforms in the financial services industry have shown by McKinsey to improve cybercrime programs while also reducing costs

Combining Technology, Public Policy and Economics to Create a Sustainable System of Cybersecurity


| 703-907-7090


| 2500 Wilson Blvd, #245
Arlington, Virginia 22201


ISA provides cybersecurity expert testimony and thought leadership in government and serves as an expert witness to the press.