McCrary Institute for Cyber and Critical Infrastructure Security releases policy brief on the economics of cyber attacks
The McCrary Institute for Cyber and Critical Infrastructure Security at Auburn University released a new policy brief on Tuesday, December 17, which examines the challenging economics of cybersecurity. Specifically, the report demonstrates the reality that, in the current threat landscape, the economics of cyberattacks favor the attackers and how a smart refocusing of federal cyber policies could tilt this benefit towards the defender.
The report, coauthored by one of McCrary’s expert senior fellows, Kiran Sridhar, and the Institute’s director, Frank Cilluffo, dives into the underlying causes of the economic incentives of cyberattacks, including how attacks are largely cheap to persistently launch and that perpetrators of cyberattacks are rarely punished. Further, the report lays out policy options for how the federal government can incentivize cybersecurity on the part of the private sector by rewarding proactive security practices and investments.
“Reports like this are an important part of our efforts at the McCrary Institute, and people should expect to see more targeted reports like this in the new year. In collaboration with our senior fellows, faculty, and staff at the Institute, we will roll out additional policy briefs like this one, as well as issue briefs and technical briefs. We are deeply appreciative of the impactful contributions Kiran has made on this policy brief as a senior fellow,” said Cilluffo. “As this brief lays out, the federal government should take a holistic view of how it incentivizes sound cybersecurity practices, while also being more aggressive in how it goes after bad cyber actors.” We will see more in the forthcoming year expect to see more
“The current economics of cybersecurity are, frankly, unsustainable,” said Sridhar. “The federal government must engage in a thoughtful process of reimagining how it promulgates cyber policy, in partnership with the private sector, and take demonstrable steps to impose consequences on our adversaries. I am pleased that the McCrary Institute is committed to advancing sound policy and improving the cybersecurity of America’s critical infrastructure.”
See the full report here: https://eng.auburn.edu/mccrary/reports/
The McCrary Institute, based at Auburn University with additional centers in Washington, D.C., and Huntsville, seeks practical solutions to pressing challenges in the areas of cyber and critical infrastructure security. Through its three hubs, the institute offers end-to-end capability — policy, research and education — on all things cyber-related.
Media Contact: , jem0040@auburn.edu, 334.844.3447
The report lays out policy options for how the federal government can incentivize cybersecurity on the part of the private sector by rewarding proactive security practices and investments.
