EFFORTS TO reform both health care and energy are on the move in Washington, and their progress has been made possible by innovations in information technology and telecommunications.
The Obama administration’s Recovery Act put a $20 billion down payment toward the nationwide dissemination of electronic health records, which should cull billions of dollars of waste out of the nation’s health bureaucracy. The act also allotted $4 billion to the construction of a “smart grid’’ for the control and management of electric power across the country, an innovation that will improve the ability to deliver energy generated by new green technologies.
But the ubiquity of cyberspace has produced a new set of challenges about “cybersecurity.’’ Frequently considered in the context of Internet worms and identity thieves, the continuing integration of Internet-based telecommunications into the nation’s critical infrastructure - from health IT and energy distribution to mass transit and financial services - gives rise to a series of more serious threats in the form of cybercrime, cyberterrorism, and cyber-warfare. Beyond sending spam, a malicious hacker could open a flood gate. Beyond exposing an individual’s private medical condition, a cyberterrorist could create a blackout in a region of the country.
The Obama administration deserves credit for having acknowledged the peril. Upon taking office, the president initiated a 60-day review that set out a game plan for building a comprehensive approach. And while he has yet to name a “cybersecurity czar,’’ the White House continues to work to improve the nation’s ability to thwart attacks and maintain a more resilient telecommunications infrastructure.
But keeping pace with cyber-threats demands that resources be marshaled to develop a foundation that enables us to respond quickly and prevent attacks before they happen. We cannot allow the Internet’s greatest asset - the way it empowers people around the world to share information - to undermine its continuing viability.
First, we ought not be deluded into believing that Internet users themselves can be a crucial bulwark against cybercrime and cyberterrorism. No doubt, we all should be conscientious of viruses, and it behooves everyone to keep their security software up-to-date. But if hundreds of millions of Americans are using the Internet, hundreds of thousands will leave their systems exposed, if only by neglect. This is a classic case of the tragedy of the commons. The experts who manage the nation’s IT and telecom networks need to be empowered - with proper oversight - to make sure that the system remains resilient.
Second, policing cyberspace will require a different approach than traditional law enforcement. Streets are public, but telecommunications lines are not. Thwarting threats before they do real damage will require law enforcement to develop cooperative relationships with the businesses that maintain the Internet’s routers and cables, not to mention the software developers who manage data across the network. That raises many questions of privacy and civil liberties, so there needs to be a new approach - one that protects both individuals from Big Brother, and clearly delineates when businesses can flag threats - that ensures that we are prepared to manage cybersecurity risks and respond to attacks.
Finally, we need to support the Obama administration’s instinct to empower a single voice in the White House to coordinate cybersecurity policy across both the public and private spheres. In the world of cybercrime and cyberterrorism, competition and turf wars between bureaucracies and businesses alike frequently stymie the implementation of workable solutions. Agencies are loath to share threat assessments with the businesses that manage our critical infrastructure. Businesses are fearful that cooperation with the government will undermine their competitive advantage. In the scheme of each player’s primary motivation, those are preeminent concerns. But the broad public interest is in ensuring that the system itself is not undermined by inadequate security.
The information age has equipped the nation to tackle longstanding problems with new technologies. But with those additional tools comes a new set of risks. And unless we develop an approach that aligns accountability in the world of cybersecurity with the means to protect the nation, we leave ourselves unnecessarily exposed.
Bruce Reed is chief executive and Marc Dunkelman is vice president of the Democratic Leadership Council. 
