Chapter 1 – The Economics of Cybersecurity: Advantage Attackers
Chapter 2 – Dangerous and Effective: China’s Digital Strategy
Chapter 3 – The Solar Winds of Change: The Threat of Systemic Cyber Risk
Chapter 4 – Outdated and Ineffective: Why Our Current Cybersecurity Programs Fail to Keep Us Safe
Chapter 5 – Reinventing Cybersecurity: A Strategic Partnership Approach
Chapter 6 – The Cybersecurity Policy We Need: Incentivize, Modernize, Economize
Chapter 7 – Health: Cybersecurity as a Core Element of Patient Care
Chapter 8 – Defense: Leveraging the Dual Economies of the Defense Industrial Base
Chapter 9 – Financial Services: Regulation Isn’t Enough
Chapter 10 – Energy: Protecting the Smart Grid
Chapter 11 – Retail: Serving Consumers and Keeping Them Secure
Chapter 12 – Telecommunications: Managing International Risk in a Post-COVID-19 World
Chapter 13 – Information Technology: Defining How to Govern IT
Although the USA needs to create a digital strategy of equivalent scope, sophistication, and thoughtfulness as our adversaries, it cannot mimic the central controlled economic model with its attendant government mandates and authoritarian principles. Indeed, the free market, entrepreneurial system practiced in the USA and the west should be a far more appropriate fit to compete in the fast-paced ever changing digital age This chapter outlines a series of aggressive policy fully consistent with market-based democratic norms and ideals. The goals of these policies are threefold: 1) The US needs to devote far greater resources to addressing the digital threat. 2) Needed efficiencies can be generated through systematically evaluating and reorganizing a number of current cyber programs. 3) The US needs to modernize our approach to cyber defense. Nothing incentivizes like money and the statistics indicate the US is already well behind its adversaries in spending in multiple key areas required to be a world-leader in the digital age. However, the power of the private sector can also be far more effectively leveraged by implementing a menu of incentives tailored to the uniqueness of various critical infrastructures. Several example models are suggested. The US also needs to modernize its understanding of the cyber threat. This would include recognizing the gaps that need to be filled when private entities are forced to defend themselves against nation state attacks, as well as modernizing its approach to law enforcement and education to assure a competent workforce in the digital age. Finally, government can substantially enhance national cybersecurity by economizing its own processes by integrating cost benefit analysis into its programs and streamlining processes to make efficient use of scarce cybersecurity resources.
Combining Technology, Public Policy and Economics to Create a Sustainable System of Cybersecurity
| 2500 Wilson Blvd, #245
Arlington, Virginia 22201
ISA provides cybersecurity expert testimony and thought leadership in government and serves as an expert witness to the press.
Larry Clinton is President of the Internet Security Alliance. He advises industry and government on cyber policy. He has briefed NATO, the OAS and G-20 and the US Congress. He has twice been named to the Corporate 100 list of the most influential individuals in corporate governance. He has written cybersecurity best practices books used in the US, Europe, Latin America and Asia.