全球智库信息集成服务系统

Cybersecurity Suffers from a Lack of Demand in the Market

• Participants saw few incentives to encourage cybersecurity best practices among technology producers or to educate consumers on their role in protecting their personal data. Participants agreed that data breaches and other exploits unfairly burden consumers. Policies to remedy this imbalance would shift the consequences toward technology developers or producers, as well as penalize attackers.
• Participants saw a need for market forces to reward security and penalize insecurity. They identified a role for government in classifying products by degree of cybersecurity (assessed through certifications or performance standards). They also agreed that cybersecurity should be prioritized according to the impact of failure, with health and safety devices being the most critical targets for regulation.

Effective Solutions to Cybersecurity Challenges Consider the Interests of a Range of Stakeholders

• Participants saw a need for public-private partnerships in any successful solution to cybersecurity challenges. However, the focus of these partnerships differed with the games' locations. For example, Washington participants saw a greater role for government in implementing additional protections. Silicon Valley participants were more likely highlight the tech sector's role in changing its business practices to prioritize security.
• Participants in both games saw the entire system for establishing identity and authenticating transactions as fundamentally broken. They agreed that overuse and overreliance on documents and credentials not created for these purposes (such as Social Security numbers) was a fundamental cybersecurity weakness. Proposed solutions highlighted a need for flexibility in authentication. Participants also suggested empowering consumers to selectively freeze and unfreeze certain types of financial transactions.