On September 30, the President issued a proclamation designating October as “National Cyber Security Awareness Month.” As I tell everyone I meet, this shouldn’t matter just to geeks like me, the President’s Cyber Coordinator. With our world ever more connected to the Internet – our phones, our tablets, even our cars – cybersecurity matters to everyone.
This October marks the 10th anniversary of our efforts to raise awareness, and we’ve come a long way in the past decade. Yet despite the fact that more people than ever before are aware of cyber threats – such as to personal email accounts, banks, and critical infrastructure – and are working to counter them – through secure passwords and good online awareness – we still have a lot to do. Cyber is one of those challenging areas in which there really is no “done.” Even though the internet feels like it’s been around for a long time, we are still learning as a society about how to operate safely and securely online.
As we think about how to best to do that, one factor about the nature of cyberspace becomes particularly relevant – its borders. Traditionally, many have argued that cyberspace has no borders and that that fact is both a strength – in terms of a free flow of information that drives the economy and supports free speech – and a weakness – in that it also allows malicious actors great freedom of movement.
But I would argue that such an emphasis on borders is misplaced. There are borders and boundaries everywhere in cyberspace; everywhere that networks, routers, servers, devices, and people touch the internet there are borders. Instead, what cyberspace lacks is an interior – there is really no “protected inside” to a network, a space that is far away and insulated from what happens at the edge.