Cybersecurity is a policy priority for many governments but there is limited understanding of whether and how policy choices impact cyber risk outcomes. While many countries have made significant investments in the development and implementation of cybersecurity policy regimes, cybercriminals continue to make headway. With that in mind, policymakers are left to question the impact of their policy investments. Given this unknown, many policymakers have struggled to choose policies that will have the greatest positive outcome in managing cyber risk.
At the same time, the cyber ecosystem is undergoing tremendous change. The growth in Internet users across Asia, Africa, and Latin America; the proliferation of connected devices; and the explosive rise in Internet traffic are just a few of the mega-trends reshaping the Internet. Accordingly, regardless of today’s policy challenges and solutions, tomorrow’s landscape is likely to present new risks and opportunities.
What is the contest?
Microsoft is looking for original research about these cybersecurity policy challenges from university students at any stage in their educational development. Specifically, research should address one or both of the following questions; in both instances, preference will be given to responses that integrate quantitative analysis using publically-available cybersecurity data and research, such as the Microsoft Security Intelligence Report (SIR):
Which cybersecurity policy choices have the most impact on cybersecurity outcomes and, based upon your answer, are there “actionable” recommendations for policymakers?
For example, have national-level regimes for securing government networks had a meaningful impact on cybersecurity? How might those regimes be improved?
Additionally, for example, can cybersecurity policies impact user-level security? And if so, how?
Given the growth in people, devices, and data connected to the Internet, how should policymakers adapt current approaches, and are there elements missing from the current policy landscape that should be created, or existing instruments that should be deprecated?
For example, many global-level cybersecurity policy regimes were created when most Internet users were based on North America and Europe; will the rise in Internet users in Asia, Africa, and Latin America require changes to these regimes?
Additionally, for example, cybersecurity policies have been optimized for a desktop-centric world, where the computing machine, their operating systems, and often their users were fixed within a geography. What changes are necessary to accommodate a more mobile-based world?
What prizes are offered?
Microsoft will award cash prizes for the top three essays according to the judging criteria:
1st place - $5,000
2nd place - $3,000
3rd place - $2,000
Where can I get more details?
For more information, please see the Official Rules.
Also, visit the Microsoft Global Security Strategy and Diplomacy website to learn how this team works collaboratively with governments, multilateral organizations, industry, and non-profit groups to enhance security across the cyberecosystem.
How do I enter?
To enter, send an email to firstname.lastname@example.org with your essay in Microsoft Word format and include the following information: first name, last name, email address, and school / university. Entries must be received by 11:59 p.m. Pacific Time (PT) on June 14, 2013.