This discussion paper explores the idea of a healthy, resilient — and fundamentally more secure — cyber ecosystem of the future, in which cyber participants, including cyber devices, are able to work together in near‐real time to anticipate and prevent cyber attacks, limit the spread of attacks across participating devices, minimize the consequences of attacks, and recover to a trusted state. In this future cyber ecosystem, security capabilities are built into cyber devices in a way that allows preventive and defensive courses of action to be coordinated within and among communities of devices. Power is distributed among participants, and near‐real time coordination is enabled by combining the innate and interoperable capabilities of individual devices with trusted information exchanges and shared, configurable policies.
The paper concludes with a brief discussion of incentives and recommendations for the way ahead. It posits that the slow adoption of available best practices and technologies in the face of increasing cyber attacks indicates an imbalance of incentives and proposes that better and more widely disseminated aggregated and anonymized information about the frequency and actual harm of cyber attacks is needed.