The coming cyber crisis: the striking parallels between the Great Financial Crisis and the threat of cyber attack.

• Author: Rogoff, Kenneth

When the financial crisis of 2008 hit, many shocked critics asked why markets, regulators, and financial experts failed to see it coming. Today, one might ask the same question about the global economy's vulnerability to cyber attack. Indeed, the parallels between financial crises and the threat of cyber meltdowns are striking.

Although the greatest cyber threat comes from rogue states with the capacity to develop extremely sophisticated computer viruses, risks can also come from anarchistic hackers and terrorists, or even from computer glitches compounded by natural catastrophe.

A few security experts have voiced great alarm, including, most recently, Jonathan Evans, the head of the British Security Service (MI5). By and large, however, few leaders are willing to compromise growth in the tech sector or the internet in any significant way in the name of a threat that is so amorphous. Instead, they prefer to establish relatively innocuous working groups and task forces.

It is difficult to overstate the dependence of modern economies on large-scale computer systems. But imagine if one day a host of key communications satellites were incapacitated, or the databases of major financial systems were erased.

Experts have long identified the electricity grid as the most acute vulnerability, since any modern economy would collapse without power. True, many skeptics argue that with reasonable low-cost prophylactic measures, large-scale cyber-meltdowns are highly implausible, and that doom-mongers overstate the worst-case scenarios. They say that the ability of cyber-terrorists and blackmailers to take the global economy to the brink, as in the 2007 Bruce Willis movie Die Hard 4, is utterly fictional.

It is difficult to judge who is right, and important experts are found on both sides of the debate. But there do seem to be an uncomfortable number of similarities between the political economy of cyberspace regulation and of financial regulation.

First, both cybersecurity and financial stability are extremely complex topics with which government regulators can hardly keep up. Industry remuneration for experts is far in excess of any public sector salary, and the best minds are continually hid away. As a result, some argue that the only solution is reliance on self-regulation by the software industry. One hears this argument for many modern industries, from big food to big pharma to big finance.

[ILLUSTRATION OMITTED]

Second, like the financial sector...