Academic journal article Prism : a Journal of the Center for Complex Operations

A Cyber Federal Deposit Insurance Corporation?

Academic journal article Prism : a Journal of the Center for Complex Operations

A Cyber Federal Deposit Insurance Corporation?

Article excerpt

Of the emerging man-made risks affecting U.S. national security, cyber threats have enjoyed the most attention and resources from national security leaders and policymakers. And yet, cyber threats remain one of the most complex risks to address given their amorphous, highly fluid, and extra-territorial nature. This makes it difficult if not impossible to quantify the national state of readiness and, in these fiscally constrained times, the return on investment from the billions spent each year on cybersecurity. Five gaps conspire to make achieving a state of enhanced cyber resilience complex if not impossible. These include a yawning talent gap to the tune of millions of people; a technological gap predicated on managing a risk that evolves according to Moore's law; a financial and economic gap leaving trillions in value at risk with no generally accepted way to measure this value; an alignment gap in terms of policy harmonization and cooperation inside the United States and around the world; and, finally, a gap in patience and the speed of markets. This article delves into the evolving cyber threat landscape and outlines ways of understanding and bridging these critical gaps.

Shared Risk, Shared Defense

The United States enjoys an undeniable economic and national security advantage from being the birthplace of the internet and, with it, the midwife of the digital age. These advantages have been reaped since the early 1990s, where the road to building a 21st century economy began-connected at every turn, person, node, and device to a worldwide web of risk and reward. The United States has since remained the world's economic supremo and, for a period after the global financial crisis, the only functioning cylinder in the global economy. But will this pax digitalis hold or is U.S. national security and economic prevalence waning because of the blowback from our marvelous creation?

Today, it is hard to imagine a world without the internet and without the hyper connectivity it has enabled. Indeed, technology titans such as Facebook's Mark Zuckerberg and Amazon's Jeff Bezos look every bit the part of 21st century business statesmen.1 Speculation of presidential runs from Silicon Valley's independently wealthy and decidedly pro-digital elite suggests that the line between public policy, the digital commons, privacy, and security may be forever blurred-especially in the eyes of millions of millennials whose newly minted political engagement treats the internet as a utility, and privacy as a tradable right. This is troubling because the world is beset by a growing number of challenges pitting privacy and security advocates against one another, much as we saw with the now infamous case of "Apple vs. the Federal Bureau of Investigation" or in the Snowden leaks, which revealed wide-scale digital eavesdropping on the U.S. public-albeit at the metadata level, as security proponents argue.2

Just as privacy and security represent key policy, security, and business tradeoffs, connectivity and national cybersecurity are similarly dialectical choices. On the one hand, the tide of connectivity cannot be reversed. Indeed, with the explosion of connected devices, the so-called Internet of Things (IoT), people seem almost reflexive in their acceptance of a technological front door (and back door) to every tangible item in their life.3 The annual Consumer Electronics Show (CES), is at once the digital sycophant's dream and the cybersecurity hermit's nightmare, as each connected gewgaw and curio is revealed to a fawning public and a salivating shareholder. According to Gartner, there are 8.4 billion connected devices in 2017, a 31 percent increase over last year. This exponential growth of connectivity, much as we saw with the Dyn exploit that shutdown the websites of major firms such as, Netflix and CNN, IoT will expand both the attack surface area and vectors that can not only take down much of the internet, but exfiltrate sensitive information, cripple critical systems and sow misinformation. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.