Integration of Effort

Rethinking Cybersecurity for Critical Infrastructure

Because threats to critical infrastructure present a broad danger to society, there is a significant public interest in securing their continuity of operations against cyberattacks. However, because most critical infrastructure is owned by private firms, the government must engage with industry in order to secure them. Unfortunately, the current strategy of engagement is flawed, and the recom- mendations of the recent Cyber Solarium commission—though valuable—will not solve the prob- lem. A new policy must deliver true integration of effort between the federal government and the relatively small number of systemically important firms. The specific form of this partnership must be tailored to the idiosyncrasies of critical infrastructure sectors.