I think that when comparing the cybersecurity risks here in the U.S. with those of another country, the similarities are striking. Let’s use China as an example. China’s inevitable rise to the status of superpower makes it a good country to compare with the U.S. on cybersecurity risks, as opposed to a less developed, unequal nation. Both nations are putting an enormous amount of time and money into migrating all their systems to the cloud. With this investment come the risks associated with storing and using the data of their citizens in the cloud. The U.S. doesn’t have an all-encompassing law like the GDPR for protecting data; instead, there are laws and standards that deal with data standard by standard and even state to state. It is left up to the individual states how they protect data and what laws they have surrounding disclosure, with some having no such laws at all. HIPAA is a law in the U.S. dealing with the health care industry, while PCI-DSS is a standard that the payment card industry tries to hold itself accountable to. In China, by contrast, they passed the Chinese Cybersecurity Law in 2017, which has strict rules about the collection, use and transfer of personal data for any data hosted in China that contains personal information on Chinese citizens, and is very similar to GDPR.
There are of course the cybersecurity risks associated with the military of each. In the U.S. and China you have two of the most advanced militaries in the world. The risk of losing valuable research and development work on military technology is something shared by both nations. Both countries rely heavily on contractors and third-party vendors to source many of the components used in these systems, and as such the risks associated with supply chain attacks and espionage are again shared by both nations. Both nations also rely heavily on the interconnectivity of their military systems and logistics. China recently has made great strides in this arena after witnessing the speed and ease with which the U.S. was able to defeat Iraq in the first Gulf War. Understanding that their military capabilities at the time closely resembled those of the Iraqis, they saw improving those capabilities as something they needed to invest in. While the use of satellites and having an interconnected military does have its advantages, it also exposes your systems in cyberspace to your adversaries, not only in times of war but in times of peace as well. It can be argued, though, that with the advent of cyberspace as a new theater of war, there is not now and never will be again a time of peace in any of our lifetimes.
Lastly, I wanted to point out the similarities and differences between the cybersecurity risks to each country’s infrastructure. Both nations have densely populated as well as rural areas, both of which rely on SCADA systems to control just about every part of their industrialized life. However, here is where I think the risks associated with attacks on these systems might be a little more severe for China than for the U.S. Of course there is the difference in population size, but more specifically I’m referring to where the population is dispersed within China as opposed to the U.S. Yes, we have New York, California, and Texas as the most densely populated states; however, our population is pretty well dispersed throughout the rest of the country. As far as China is concerned, more than half of their land is empty, with 94% of their population living east of the line between Heihe in the north and Tengchong in the south. That means the risk of disruption to their day-to-day life would be greater with a more targeted attack. In theory, an attack on the water system affecting California would have no impact on Texas, New York, or DC, whereas a large-scale attack on the east coast could destroy the water system for the majority of China’s east coast and population.