By Kathleen Thomas

Most policymakers agree that a comprehensive and integrated approach is needed in order to secure cyberspace and protect critical systems from attack. However, despite lengthy publications on the matter, the US government has failed to develop a plan that provides strategic goals, priorities, or a clear delineation of responsibilities. A new, risk-based approach is needed to clarify priorities and to develop practical responses on a strategic, operational, and tactical level. The strategy suggested in this paper strives to utilize existing assets and solidify coordinating entities. The approach consolidates the organizations responsible for public-private partnerships on cybersecurity, increasing the stake of private critical infrastructure through a practical blend of regulation and incentives. Furthermore, it looks to promote security testing on all levels in addition to securing network-level vulnerabilities. While this strategy is merely a beginning, it provides a framework and concepts meant to stimulate discussion on practical goals to secure cyberspace.

About the author:
Kathleen Thomas is a second-year Master’s student in the Security Policy Studies program at The George Washington University’s Elliott School of International Affairs. She focuses on Cybersecurity and Transnational Security issues. Before attending the Elliott School, Kathleen worked on Capitol Hill for 5 years and for a time in Speaker Hastert’s Special Events office. After Republicans lost the House in 2006, she worked as a junior lobbyist for a bipartisan lobbying firm. More recently, Kathleen handled defense issues for Arizona Congressman Shadegg. She currently interns at the Department of Defense. Kathleen received her B.A. in International Affairs from The George Washington University in 2006.

Image courtesy of ChrisDag.