How should we approach the development of cyber-policy and -infrastructure given the “short arm” of predictive knowledge?

It is known that cyber threats are constant and varying in severity. That said, we do not know what threats may or may not occur. As the “short arm” of predictive knowledge implies, our ability to predict and prepare for the future challenges of cyberspace is limited. It is necessary for us to focus on building infrastructure and making policies that are equipped to handle every last type of cyber threat in order to be adequately prepared. Since we cannot predict how advanced cyber attacks will be in the future, it is best to utilize the aspects of research, education, and adaptability to ensure we have the best chances. To ensure more adaptability, we could implement principle-based frameworks instead of overly prescriptive frameworks. This will allow for the chance to accommodate unforeseen technological advancements. For research, we could dedicate a portion of cyber-policy to supporting the discovery of cutting-edge knowledge in cybersecurity. By doing so, we will ensure that our defensive technologies evolve alongside our offensive abilities. To provide education, we could utilize any critical information found in the research and inform anyone who could benefit from it, such as employees in a company trying to learn how to protect their important data from attackers. While we may be unable to predict how advanced this technological field may become, our approach to developing cyber-policy and infrastructure should be enough. Through adaptability, education, and research, we can build a reliable and resilient cyberspace for the unknown future.