Business is at last collaborating on cyber security

A decade ago, the Obama White House tried to force American companies to collaborate on cyber defence. It did not go well: the US Chamber of Commerce and other big business groups blocked a cyber security bill, complaining it smacked of excessive government intrusion.

“People said [it] was un-American,” a former Washington official says. The mandatory sharing of information about cyber hacks, or devising joint defence strategies, was considered antithetical to free-market capitalist ideals.

How times change. On Wednesday, the White House issued an executive order that requires US companies running critical infrastructure to report cyber hacks. Last month, it summoned senior American executives to launch a collaborative cyber defence project with the ugly name “Shields Up”.

Detail is sparse, but it is clear that US business is now collaborating. Investors should watch closely for at least two reasons. The first is that the war in Ukraine means there is a rising risk that Russia will launch a cyber attack on western companies, which could cause enormous damage. In fact even an assault directed solely against Ukraine could hurt. When Russian hackers attacked Ukrainian infrastructure five years ago by releasing a malware “worm” called NotPetya, it caused $10bn damages to computer systems worldwide with painful consequences for companies such as Maersk, FedEx and Merck.

The second reason to watch these events, however, is a more subtle one: fears of cyber war could contribute to a longer-term shift in the relationship between business and government. Already, once-taboo concepts such as industrial strategy are back in vogue.

Thus far, this shift has not been very visible. Russia does not seem to have launched any large-scale cyber attacks on western infrastructure this year, limiting its onslaught to Ukraine. This has surprised many cyber experts and they are divided over the reasons.

Some think that Russian president Vladimir Putin has deliberately focused on his ground invasion first. “Cyber is not a great tool for warfare,” points out Dmitri Alperovitch, head of the Silverado policy incubator and co-founder of Crowdstrike, a cyber security firm. “It’s a…