Comparative Industrial Policy in the Cybersecurity Industry: Policies, Drivers, and International Implications

Conference/Symposium | October 20 | 9 a.m.-6 p.m. | 180 Doe Library

 Institute of East Asian Studies (IEAS), BASC, Center for Chinese Studies (CCS), UC Berkeley Center for Long-Term Cybersecurity

Click on the title to view the conference website,

Cyber attacks of varying severity, ranging from email hacking to Distributed Denial of Service attacks (DDoS) to advanced persistent threats (APT) to industries are commonplace. Yet at the same time, with the economy being increasingly data-based, these attacks pose a significant security and economic problem. The issue of how to cope with such intrusions raises critical questions about the role that governments should play in regulating the data economy. While few would doubt the importance of maintaining secure data, whether the government should go beyond sharing best practices for data security and implement more aggressive industrial polices to secure data is debatable.

Tracing how businesses, governments, and other actors interact is crucial for understanding how to develop sound cybersecurity policy. Firms’ efforts to secure government protection of a sector by pointing to national security is hardly new. In reality, however, claims about a given sector being critical to national security have often been abused. In the 1950s, the wool industry argued for the protection of domestic production, claiming that “there is a need for 150 million to 200 million woolen blankets to ensure survival in case of an atomic war.” Yet cybersecurity is clearly seen in a very different light by governments and genuine security concerns exist given the pervasiveness of vulnerable data in all sectors of the economy

This project will evaluate the role of firms, governments, and other key stakeholders in the rise of industrial policy in important states in the cybersecurity industry. In particular, we focus on the U.S., Japan, China, Taiwan, the EU and key European states. Our goals are as follows: 1) to inventory existing measures employed by these countries; 2) to understand the driving forces of cybersecurity industrial policy on a comparative basis in these countries; and 3) to examine the likely conflicts that will arise from the competitive pursuit of such industrial policies and how they might possibly be resolved through institutional cooperation both domestically and internationally.

Click on the title to view the conference website,, 510-642-2809

 Conference Program