This article argues that the approach the United States, like other countries, uses to control threats in real-space is ill-suited for controlling cyberthreats, i.e., cybercrime, cyberterrorism and cyberwar. It explains that because this approach evolved to deal with threat activity in a physical environment, it is predicated on a bureaucratically organized response structure. It explains why this is not an effective way of approaching cyber-threat control and examines the two federal initiatives that are intended to improve the U.S. cybersecurity: legislative proposals put forward by four U.S. Senators and by the White House; and the military’s development of six distinct Cyber Commands.
The article explains why each of these efforts is flawed and why U.S. authorities persist in pursuing antiquated strategies that cannot provide an effective cyberthreats defense system. It argues that the continuing reliance bureaucratically structured response systems is the product of the fallacy of inevitability, i.e., the recursive reliance on established institutional models. And it outlines an alternative approach to the task of protecting the country from cyberthreats, and approach that is predicated on older, more fluid threat control strategies.