SHARING: THE RIGHT CYBERSTRATEGY
Every day, U.S. businesses are the targets of cyber-espionage operations sponsored by countries such as China and Russia. The cost is significant: Every year, U.S. industry suffers huge losses of valuable research and development data and other sensitive information (not to mention the increased costs associated with securing data). Estimates are hard to come by, but numbers in academic literature range from $2 billion to $400 billion per year. Just as important, many of the same techniques can be used to attack the critical infrastructure U.S. citizens depend on daily. Too often, these attacks are successful because of a key and completely unnecessary vulnerability: legal and policy barriers that prevent U.S. companies from sharing information with one another and with the government about attacks.
Without real-time information sharing, U.S. companies cannot adapt and respond to cyberattackers' constantly changing tactics. Legal and policy restrictions also prevent the government from sharing the classified information it has collected overseas about state-sponsored cyberattackers that would help companies ramp up their defenses.
The good news is that there is a broad bipartisan consensus today on how to move forward. Both houses of the U.S. Congress have debated about how to tear down these barriers without sacrificing citizens' privacy and civil liberties. The result is the Cyber Intelligence Sharing and Protection Act, or CISPA, which passed the House with a strong bipartisan vote of 248-168 in late April and now awaits consideration in the Senate.
So it was disappointing to read Rebecca MacKinnon's essay, "A Clunky Cyberstrategy," in the pages of Foreign Affairs last month. Her argument -- that cybersecurity information sharing somehow undermines Internet freedom -- misses the mark completely, as it injects unrelated issues into the debate on how to best protect our nation's cybersecurity while ensuring full and robust protection of privacy and civil liberties. Although there is no question that the United States should be (and, in fact, is) working to promote Internet
Loading, please wait...