Bad Idea: Creating a U.S. Department of Cybersecurity

A lack of cybersecurity can have serious consequences – the theft of money or data, an interruption of operations or essential services, or even the compromise of weapons systems or destruction of critical infrastructure. It’s no wonder that people are desperately on the hunt for policy solutions to improve the security of systems on which we rely. And while some ideas are better than others, one truly bad idea is to create a Department of Cybersecurity—a hugely disruptive bureaucratic solution that not only fails to solve problems but adds new ones.

The success of a cybersecurity solution requires clarity about the problem that one is trying to solve. As we look at particular challenges, many already have an approach suited to the problem, and none of them involve a Department of Cybersecurity.

Suzanne Spaulding is a senior adviser for homeland security with the International Security Program at the Center for Strategic and International Studies in Washington, D.C.