How should be approach the development of cyber-policy and infrastructure given the “short arm” of predictive knowledge?

I think that all we can do given the “short arm” of predictive knowledge in relation to cyber-policy and infrastructure is by following something my dad likes to say often, “prepare for the worst and hope for the best.” We can never be sure of the threats to come as the landscape is an everchanging one, however, we can try to do out best to prevent and defend against what we can and hopefully, we’ll be able to learn from our mistakes along the way. As I was a boy scout (Eagle Scout), I can also say that the motto “be prepared” ties in heavily with many aspects in life. When considering cyber-policy, as stated before, you can never predict what is going to happen, so you just have to try your best to be prepared.

You can also take an offensive approach to this as well as being prepared defensively. Offensively, not meaning actually launching cyber attacks against other companies, rather, testing different methods of cyber attacks and see what works and what doesn’t. By doing this, the “short arm” can be “extended” and give any company (country or any other organization) an edge over the competition. Again, it is impossible to test all forms of cyber attacks and defend against all forms, so you have to pick and choose your battles. This is what cyber professionals are for and what they are paid to do. Determine what is most valuable, and find a way to protect it. Surely not an easy process, but not a process that is impossible.

Predictive knowledge can be a powerful tool, but it must be used correctly and effectively. While it does have a “short arm,” especially when considering cyber-policy and infrastructure, combining what we currently know with events in the past can help us extend the reach of predictive knowledge ever so slightly further.