The challenge and imperative of private sector cybersecurity: An international comparison

Attacks on computers and information networks, both public and private, are disclosed in the news daily. Most recently, Apple, Facebook, and Twitter acknowledged that they were attacked and were now taking additional measures to secure their networks. In January of 2013, Kaspersky Labs reported discovering malware that not only targeted government information in Eastern Europe, former Soviet republics, and Central Asia, but also had been actively doing so since 2007. The scope of global cyber attacks is staggering and the solutions to securing property and protecting national security are illusive, in large part because infrastructure is owned and operated by private, rather than public, entities. Nations struggle with choosing the most effective strategy and potential regulation of the private sector in order to reduce overall cybersecurity risk. This paper reviews the nature of cyber threats, and compares the United States and European approach to promoting cybersecurity in the private sector. Furthermore, the paper discusses how different approaches can affect cybersecurity risk, and suggests a framework for visualizing the impact of law and strategy on security.