9/11 taught us a significant amount about what threats that go unmanaged can do. It is essential to use this experience to better protect the nation from cyberterrorism. Cyberterrorism, and cyber threats, in general, are different from an event like 9/11 because they unfold over time rather than taking a single day. One similarity however is that they both include targeting government infrastructure, specifically infrastructure that is critical but kept in private hands (financial institutions or the electrical grid, for example). As a result, a strong partnership with the private sector is necessary.
Another vulnerability that echoes issues from pre-9/11 is the lack of a centralized collection of information and data (referred to in the article as information silos). The 3 stakeholders involved in cyber threats- the government, public, and private sector- must support each other and enabled real-time threat data. The government has a large responsibility in distributing information to the relevant parties efficiently.
9/11 was also relevant in showing how the organization of the government must be fitted to deal with cyber risk. New government groups should be created to “facilitate cross-sector risk management”. This would help prevent the formation of information silos and all for quicker dispersion of information and synchronization among relevant groups. Greater consideration should be made in regards to investing in technology, another lesson from 9/11. Stronger airport screenings and the use of drones to target terrorists were all adopted after the event. The idea is parallel in the cybersecurity space: big data analytics, blockchain, and deep learning are all tools that can be used to protect the network and detect intrusions. This is also relevant to help us stay at the pace of China’s cyber capabilities.
The last parallel to be drawn between 9/11 and the rise of cyber risks in today’s age is the concept of resilience and implementing projects to maintain stability even when a major cyber attack does strike. This is to prevent damage such as a stock market crash in the event of an attack.
