Despite a rush of media stories, academic research, Capitol Hill briefings, and increased attention from policymakers, the priorities and risks of cybersecurity remain ill-defined and poorly understood. Even knowledgeable experts tend to mistakenly blur separate threats that span the range of crime, espionage, and global conflict, each of which have a unique set of actors, incentives and priorities.
On July 21, the Center for Technology Innovation at Brookings hosted a panel discussion to clarify and refine policy discussions surrounding the risks built into our information technology systems. Panelists evaluated how economic concepts—including externalities, information asymmetries and the network effect—can help us understand how to reward good security practices and punish bad ones, and discussed how these concepts can be embedded in a range of governance mechanisms to better evaluate the alignment of public priorities and private incentives.
After the program, speakers took audience questions.