We can divide the risk that we’re facing into two different categories. One is the conventional conflicts we’ll have with nonstate actors outside of the U.S. and with other nations. The other risk is the externalities that always come from any new enterprise. And within the cyber industrial complex, as some of us now call it, we have a great deal of externalities that are not getting attention from the media in a sufficient fashion, and they’re not getting any degree of attention from Congress. Even when a few congressmen do raise questions about it, such as when they ask the NSA, “How many Americans are being spied upon in your wireless wiretap program?” and they get denied an answer… As is always the case, there’s more concern among those calling the shots with external threats than there is with their own behavior.
