The digital economy is experiencing exponential growth. While today’s economy runs on data, too much focus has been on connecting and collecting it and not enough on protecting it. In the beginning of 2018 alone, dozens of data breaches and attacks occurred, including hackers stealing information associated with nearly 900,000 credit cards used by Orbitz customers and more than 5 million credit and debit cards used at Saks Fifth Avenue, Saks Off Fifth, and Lord & Taylor stores.
Cybersecurity is a mechanism for protecting the digital economy—computers, networks, devices, and data—from unlawful or unauthorized access. Daily headlines highlight that our ever-growing use of technology and Internet of Things (IoT) devices is fraught with risk and vulnerable to bad actors. Known insecurities on our networks and devices have created a ticking time bomb that risks eroding the economy and our democratic institutions. In order to ensure this does not occur, we must adopt a sustainable approach to cybersecurity.
What PK Is Doing…
Public Knowledge believes that cybersecurity policy must undergo a fundamental shift from short-term approaches to a more enduring, sustainable approach, and supports building resilient technologies that will ensure the long-term safety and health of the ecosystem. Current approaches to cybersecurity lack adequate emphasis on education and training, incentivize first-to-market business decisions, and place too much responsibility for security on consumers. These policies are insufficient and unsustainable in the modern economy. The new economy requires a more sustainable cybersecurity approach that prioritizes shared responsibility, facilitates collective action, incentivizes secure-to-market products, and fosters consumer education, awareness, and engagement. Transitioning to a sustainable approach requires a strategic, collaborative effort among various stakeholders including governments, businesses, educators, and consumers. Overall, efforts taken to increase current levels of cybersecurity can help ensure the confidentiality, integrity, and availability of information to grow the evolving interconnected modern economy.
Public Knowledge advocates for a cybersecurity labeling system to further the sustainable development and protection of consumer IoT products — an idea that was first proposed in our foundational paper, Securing the Modern Economy: Transforming Cybersecurity Through Sustainability. Public Knowledge has plans to follow up with more targeted policy proposals, including our forthcoming paper, Security Star: A Label to Support Sustainable Cybersecurity, which argues for a labeling scheme on consumer IoT products to help the market understand and assess how secure a product is before selling or purchasing them. We introduced this idea on our blog post, Creating A Cybersecurity “Energy Star.” At the same time, Public Knowledge continues to support other actions to advance sustainable cybersecurity and trust in the internet ecosystem, in particular Guiding Practices to Advance Consumer Privacy in Cybersecurity Information Sharing, a cybersecurity capabilities baseline, and enhanced public awareness, along with the other actions identified in our operationalizing sustainable cybersecurity summary.
Here are the PK experts on this issue: