Not all cybersecurity incidents are equal.Some threaten more harm than others, as in the case of breaches that might enable disruption of "critical infrastructure" (hereinafter "CI"). Review these categories to get an idea of what CI is.

In anticipation of such cases, we might expect the government to take special steps to encourage CI owners and operators to improve their security in hopes of preventing incidents in the first place.And we also should expect the government to take on a more-active-than-normal role in the event an incident involving CI (or otherwise counting as a significant cyber incident) occurs.

Context

To place the policy challenge in context, we begin with accounts of recent episodes involving cybersecurity threats to CI.This Symantec reportprovides a technical account of recent intrusions involving the energy industry, and this Wired article provides further useful context for that report.Another Wired articlethis one from June 2017goes into detail about especially-significant Russian cyber attacks on the Ukrainian electrical grid, illustrating what might be possible in a worst-case scenario.

Next, let's also note a factor that complicates the prospect of encouraging better defense of CI: much if not most CI in the United States is privately-owned. (Think: Exxon chemical plants, Entergy power substations, pipelines, etc)

1.Why, exactly, does the fact of private ownership "complicate" the task of spurring better defense?