8

Conclusion

Each chapter in this book introduces a different perspective on cyber security. Though each may stand on its own as an essay, together they illustrate that cyber security policy is a multidimensional topic. Chapter 1 framed cyber security policy in the context of its current state of professional practice. Chapter 2 presented the field of cyber security as a rapidly expanding arms race for technology control. Chapter 3 reflected on the goals of cyber security policy, and described attempts to both verify and validate that goals are achieved. Chapter 4 emphasized that decision makers need to carefully evaluate the impact of cyber security policy alternatives in the context of strategic enterprise goals. Chapter 5 explained the catalog approach to cyber security policy. Chapter 6 provided a plethora of examples of policy issues. Chapter 7 described how cyber security policy is addressed by government.

Each chapter introduced a different layer of detail with which to frame the overall cyber security decision-making process. However, these layers are not cumulative levels of abstraction, but entirely different perspectives on the same basic ground truth: the evolving complexity of security issues presented by cyberspace. Combined, the chapters illustrate the complexity of cyber security policy, and the corresponding difficulties faced by cyber security policymakers. Even cyber security policymakers who have clear goals and organizations firmly grounded in principles are ...

Get Cyber Security Policy Guidebook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.