Lessons for Cybersecurity from the American Public Health System
An important step towards cyber public health
Every four years, the Computing Research Association publishes a set of Quadrennial papers that “explore areas and issues around computing research with potential to address national priorities. The white papers attempt to portray a comprehensive picture of the computing research field detailing potential research directions, challenges, and recommendations.” I’m pleased to have helped draft one of these, Lessons for Cybersecurity from the American Public Health System:
The United States needs national institutions and frameworks to systematically collect cybersecurity data, measure outcomes, and coordinate responses across government and private sectors, similar to how public health systems track and address disease outbreaks.
I’m excited that this is available because we worked with CRA to craft an accessible, understandable message, and it’s a nice length (roughly 2 core pages, plus a few pages of recommendations). We’ve heard that people want that accessible intro, and I encourage you to read it!
I’m grateful to my coauthors: L. Jean Camp (Indiana University), Yi Ting Chua (University of Tulsa), Josiah Dykstra (Trail of Bits), Brian LaMacchia (FARCASTER Consulting Group) and Daniel Lopresti (Lehigh University).
If you’re looking for a solid survey of the state of computing and public policy, the Quad papers are a great resource.