The White House cyber czar is laying groundwork for big changes
Below: Israeli officials found no evidence police misused Pegasus spyware, and cyber experts blast a D.C. mobile voting bill.
Chris Inglis wants a new “social contract” on cybersecurity
The Biden administration’s cyber czar is pushing a swing-for-the-fences effort to transform the Internet from an unruly Wild West to a peaceful land of law and order.
The plan, dubbed “a new social contract” for cybersecurity is laid out in a Foreign Affairs article by Chris Inglis, the nation’s first-ever national cyber director, and Harry Krejsa, a senior adviser in Inglis’s office. It’s the most expansive argument yet from the administration for why the nation must completely revamp how it manages cybersecurity.
The article paints a bleak picture of the modern Internet — one in which cyber protections are hit or miss, citizens’ personal information is easy to steal, and major technological advances — such as widespread autonomous vehicles — are essentially impossible because they can’t be secured against hacking.
“Contemporary cyberthreats represent a tragic betrayal of what leading technology advocates promised at the dawn of the digital revolution,” they write.
The fundamental insecurity of the Internet has also fractured national security, Inglis and Krejsa write — making it easier for China to steal its way to dominance in key industries and for Russia to threaten economy-rattling cyberattacks.
Those concerns have jumped into hyperdrive recently amid fears of Russian cyberattacks hitting U.S. targets as part of the fallout from an invasion of Ukraine that officials have said appears imminent.
The article is short on specifics, but the general idea is a “new social contract” in which government and companies both take on “a new set of obligations” to make computer systems secure against hacking from the beginning rather than scurrying after they’re compromised.
Inglis and Krejsa also urges shifting more responsibility for cybersecurity away from the most common hacking victims — small and medium-sized companies, schools and local governments…