Introduction to BPC and the Report

BPC AND THE WORKING GROUP

The Bipartisan Policy Center (BPC) convened a working group of leaders to strengthen America’s cybersecurity. The group’s approach was to identify the nation’s top cybersecurity risks to raise awareness so policymakers and businesses can take pragmatic action and invest in countermeasures.
In assembling the working group, the co-chairs sought broad inclusivity from strategically important industries, government, and civil society. Every sector with a stake in cybersecurity was included – banking, communications, digital platforms, health, energy, and more. The working group drew from a wide range of important perspectives, including stakeholders representing privacy concerns and digital identities.

IN THE REPORT

Identifying cybersecurity risks is the first step in managing them. This report – unlike other, more technical sources that identify cyber risks – frames them for the strategic audience of business and government decision-makers. We intentionally focused on identifying risks, not solutions, because various stakeholders may need to take different approaches. There are no one-size-fits-all fixes. Rather, these top risks must be considered individually by companies and collectively by the nation. Many will require a multifaceted response, across business and government, who will need to work various levers including policy, organizational culture, technology, and processes.

OVERVIEW OF THE TOP 2023 CYBERSECURITY RISKS

These top eight macro risks represent a consolidation of the most likely and impactful of the risks identified by the working group. Each risk’s description includes “Key Risk Factors,” which identify concrete examples or hazards that fall under the identified risk. The listed key factors are starting points – they are not exhaustive.