Study says national cyber plan hurts US

A new report claims that the Commerce Department’s voluntary cybersecurty framework could end up undermining the online protections it seeks.

The report from George Mason University’s Mercatus Center claimed that the plan amounts to “opaque control” of the Internet, which could undermine the “spontaneous, creative sources of experimentation and feedback that drive Internet innovation.”

Companies, the authors wrote, “already have intrinsic incentives to develop cybersecurity solutions” without a formal government plan. Those standards, in fact, are based on industry norms and market trends which “are more robust, effective, and affordable than state-directed alternatives,” they added.

The voluntary framework released by the Commerce Department in February outlines how financial services firms, power companies and other critical infrastructure businesses can beef up their protections against cyberattacks. Supporters have said that the guide is a step towards safer networks and critical protections against a future impending cyberattack.

Lawmakers and administration officials have warned of a “cyber Pearl Harbor” for which the US is currently unprepared. But study authors Eli Dourado and Andrea Castillo say that that kind of rhetoric is overblown and serves as a distraction from the steady stream of data breaches and cyber spying that authorities should be going after.