Cyber-security is broader than critical infrastructure

US President Barack Obama’s speech on plans to secure American cyber infrastructure is an encouraging start for developing the long-overdue capabilities that the West needs to safeguard its essential services. But it only scratches the surface of the emerging information security problem space.

Operational services and infrastructure are the tip of an information age iceberg of intellectual assets that need to be safeguarded from increasingly sophisticated security threats. As time goes by, we will place a higher value on the knowledge and relationships that create our longer-term, national wealth. Visibility of the solution space always starts with issues of availability, followed by confidentiality, and lastly integrity. But the most serious long-term issues are those associated with the subtle manipulation of intangible, intellectual assets, such as trust, reputation and influence.

As we’ve recently seen in the UK, loss of trust in an institution can cause more serious impact than an outage of services. It’s a much harder set of risks to manage. But that’s the bigger challenge that governments need to recognise and address.