FOR THE PAST FIVE YEARS, the U.S. director of national intelligence has identified cyberattacks as the country’s top security threat. The evolution of computing and encryption, together with the transfer of information and services onto digital networks, has resulted in great advances but also significant vulnerabilities.
For more than a decade, the Belfer Center for Science and International Affairs has worked to expand the School’s understanding of security to include cyber and other digital security questions. Joseph Nye, Harvard University Distinguished Service Professor Emeritus, and Graham Allison, the Douglas Dillon Professor of Government and then-center director, both former Kennedy School deans, launched a project on cybersecurity to keep the School at the forefront of security policy as it shifted into the big-data era.
“What we’re talking about is at the scale of what do you do to mitigate against the risk of the Russians who have destructive malware in the electric grid right now.”
Today, that focus continues through the Cyber Project, which studies how to manage the risk of conflict in cyberspace, from drones to surveillance to sabotage. The issues range from protecting vital infrastructure to controlling escalation in the event of a cyber conflict. Looking forward, the center is considering a biosecurity and bioweapons initiative as it anticipates future threats. In an example of the Kennedy School’s growing talent pool in the sector, Lauren Zabierek MC/MPA 2019 became director of the Cyber Project after graduating from the School in May.
“What we’re talking about is at the scale of what do you do to mitigate against the risk of the Russians who have destructive malware in the electric grid right now,” says the Belfer Center’s Eric Rosenbach. “And what’s the broader policy for determining what we should think about both the Chinese theft of intellectual property plus their pervasive surveillance system? These are big policy issues, and there’s a huge demand from the policy-making community to think them through.”
Fundamentally Technological
In addition to matters of national and international security, individual and network security are vital. Bruce Schneier, digital security expert and an adjunct lecturer in public policy, is another member of the Kennedy School’s growing team of public interest technologists.
Because cybersecurity is “fundamentally technological,” Schneier argues, “any serious public policy discussion requires a firm understanding of the underlying technology.”
Schneier’s work at HKS, such as his class “Cybersecurity: Technology, Policy, and Law,” helps make future policymakers literate in internet security policy and “able to spot political agendas disguised as technical arguments,” he says.
“Any serious public policy discussion requires a firm understanding of the underlying technology.”
James Waldo, the Gordon McKay Professor of the Practice of Computer Science at Harvard’s John A. Paulson School of Engineering and Applied Sciences (SEAS), helps guide HKS students through the complex issue of privacy in this world of computers, cell phones, cameras, and the Internet of Things. For Waldo (who is also the chief technology officer at SEAS), that includes examining the traditional understanding of privacy in the modern digital world along with the role of governments in regulating the gathering of, access to, and use of information. The answers policymakers arrive at have enormous implications: European law, Waldo points out, focuses on protecting the privacy of the individual from corporations, while in the United States, privacy laws are mostly concerned with protecting the individual from the government.
—
Photos by Raychel Casey, Jessica Scranton, Martha Stewart