In 2016, the Center for Long-Term Cybersecurity developed a set of scenarios to help define the contours of the cybersecurity challenge for the next five years and beyond.
In an editorial essay published last week in Christian Science Monitor’s Passcode, Steve Weber, Faculty Director for CLTC, explains why scenarios are a useful tool for approaching this complex issue. His essay, “Want to fix cybersecurity? Think about worst-case scenarios first,” argues that “good policy will need to consider not just one but a set of scenarios in order to design in advance interventions and incentives that will succeed – or at least not make the security situation worse – across the evolving landscape of possibilities…. The digital world simply moves too quickly to wait, observe, analyze, and react.”
Weber’s essay explores the concept of cybersecurity broadly, and then focuses on the Cyberfutures 2020 Scenario Bubble 2.0 as an example (this narrative explored a possible future in which tech companies sell off the data about their users). “Policymakers struggling with the consequences of digital insecurity need ways to get out ahead of this game rather than continuing to play catch-up,” Weber argues. “The key question that scenario thinking can help address for policy is this: if X or Y happens, what will governments wish they had in place at that moment to maximize the upside and minimize the threat from the emerging digital environment?”