Redefining Cybersecurity Policy

Cybersecurity policy currently is views security as an exercise in risk prevention. Questions such as "how do we stop attackers" pervade the discourse both in technical cybersecurity planning and legal and organizational policymaking. This view of security – which departs from centuries of accepted practices in other areas of security – is beneficial to exactly one group: attackers.