Page 105 - Privacy in a Cyber Age Policy and Practice
P. 105
6
The Private Sector: A Reluctant
Partner in Cybersecurity
t may seem obvious that the private sector should be keen to protect its
Icomputers and networks from cyber attacks by criminals and foreign
agents. After all, hacking has caused considerable losses of trade secrets and
other proprietary information. Moreover, evidence suggests that cyber attacks
can take a kinetic form, which can harm the equipment and facilities—such
as the national electrical grid—of those attacked. However, as will be seen
shortly, the private sector is far from rushing to protect itself from such attacks.
The reasons for this reluctance range from the understandably pragmatic to
the ideological. Meanwhile, in spite of major implications of this reluctance
for homeland security, both the Bush and the Obama administrations
limited themselves to cajoling the private sector to embrace much stronger
cybersecurity measures rather than mandating their introduction.
A. Threat Levels
Private sector firms suffer considerable damage from cybersecurity
breaches. A report from the Center for Strategic and International Stud-
ies finds that the costs to the global economy—which encompass losses
of intellectual property, outright cybercrime, unauthorized access to con-
fidential business and stock information, the costs of recovering from
cyber attacks, and the value of reputational damages—of malicious cyber
activity are “probably . . . [as much as] $400 billion”—or even $1 tril-
lion per year. The United States alone is estimated to suffer up to $120
1
billion in economic losses per year. In 2012, one metallurgical corpora-
tion reportedly “lost technology to China’s hackers that cost $1 billion
2
and 20 years to develop.” In some cases, companies have been driven
3
entirely out of business by Chinese hackers’ persistent cyber espionage.
