House Holds Hearing Today on Future of Cybersecurity

The House Energy and Commerce Committee is today conducting a hearing on “Cybersecurity: An Overview of Risks to Critical Infrastructure.” The following is a statement by Wayne Crews, Vice President for Policy at the Competitive Enterprise Institute:

When addressing security risks to large-scale assets in a free economy, it’s important to recognize that excessive governmental intervention in the management of those assets can itself undermine cybersecurity and critical infrastructure goals.

The hearing will properly investigate worthy notions like breach information sharing and monitoring (none of which should be over-dictated by Washington).

But meanwhile, a hearing that claims the existence of “18 critical infrastructures” in a supervisory tone of voice may underplay what I consider to be the greater modern threat to infrastructure and security: the tendency to treat all large-scale assets as public goods rather than what they actually are—that is, private property on which security and safety should remain competitive features that constantly improve.

The extreme example of this tendency is the perhaps exaggerated call for a “kill switch” for the Internet, which would create a less-safe Internet with poor investment incentives. Other interventionist tendencies include the push for compulsory net neutrality in communications (which in fact should be banned if security is a goal); energy grid over-regulation and restricted access to energy as such; the artificial siloing and heavy regulation of our great network industries like water and electricity; and antitrust intervention that disrupts the trajectory of entire industries.

Serious future cybersecurity plans should remove threats like a “kill switch,” net neutrality, and antitrust activism. They should aggressively liberalize critical infrastructure, allowing the flourishing of redundancy, third-party security monitoring industries, new insurance products, evolving private liability standards, and various incarnations of contracts and risk sharing that we cannot envision now. General deregulation and liberalization of our great network industries from outdated regulation would advance private infrastructure, perhaps even foster cross-industry investment and a far wealthier, safer society.

Hearings to assess Washington’s role are important, but if we are not careful, government may do less in terms of protecting critical infrastructure than in creating vulnerabilities on tomorrow’s critical private assets.