The cybersecurity industry grows in the wake of the technology industry. Looking back at the last thirty years of the technology industry, we can see the good that came early on from clearing entrenched industries that made room for bottom-up economic growth. Music production and distribution, once guarded by redwood-like titans were starving out smaller labels and artists. Technology, opened the redwood canopy, allowing sunlight to reach smaller players that burst into a new distributed business model that benefited the economy by making room for growth and innovation. However, the music titans would likely characterize this process as a devastating forest fire and not just a thinning of their canopy.
We have come full circle in the last third of our thirty-year tech-economy. A handful of titans in nearly every industry have leveraged technology to become “too big to fail.” And they are at risk of stifling innovation and competition. In short, they have become the new redwood forest that is ripe to be set ablaze by our adversaries that will have sweeping impact across our entire nation once the fire is lit. The fuel for the fire is the data and information that have been amassed and aggregated by these redwood giants and we need to promote new growth without having to endure a devastating forest fire to clear the canopy.
As mentioned at the start, the cybersecurity industry is growing in the wake of technology’s expansion.
Left unchecked, it will follow the same path of industry consolidation. A handful of titans will emerge by
consolidating our data and information behind gigantic structures. Once set ablaze, the impact will be
devastating. We already see this trend in the cloud industry where a few giants are becoming the
cybersecurity titans that will not only starve out smaller players, but burn the hottest once set ablaze.
The Open Commons Framework™ is like a forestry management program in that we
urgently need to put in place an approach that distributes risk and promotes healthy growth of the Internet. It is both a philosophical and structural approach to designing and nurturing a locality-based cyber entity that promotes both economic vitality and cyber resilience. Rugged individualism is a critical trait of Western capitalism, because market incentives create the conditions for individual ingenuity and problem-solving. In particular, small and medium businesses are the cradle of ingenuity and can iterate much more quickly than their larger counterparts. Protecting the cradle and nurturing ingenuity requires opening the canopy of the larger trees to promote growth from the forest floor. Against the cyber threat, in particular, collective approaches are needed to address systemic risk. Harnessing rugged individualism within a collective risk approach is the genesis for the Open Commons Framework™; and, it specifically addresses problems that are inherent with having only a handful of “too big to fail” organizations that, when compromised, have devastating effects. Thus, the Framework balances market forces with the promotion of innovation, all contained within the trusted enclave of a geographic community.
Rationale: The Open Commons Framework™ is envisioned as a critical model for steering the cyber market toward a community-based construct that builds trust while spurring innovation and market forces.
Structural Elements and Tenets [*]
Open Commons Framework™ represents more than a business model description; it is an
institutionalized approach that requires adoption of the below criteria, while promoting innovation
and allowing only compatible deviations.
1. Free and Open Market Forces.
Adopters shall promote free enterprise principles and prohibit anti-competitive practices.
Rationale: To enable market forces for economic vitality that promotes cyber resilience.
2. Social Enterprise.
Adopters shall, in their articles of formation, specify that the entity’s business purpose shall
include the social objectives of improving a community’s cyber resilience.
Rationale: To institute governance that promotes social enterprise within the market model.
Local partners in national security.
3. Enforceable Ethos.
Adopters shall hold themselves out publicly that in the entity’s pursuit of its social objectives to its stakeholders, that it commits itself to the duties of loyalty, of fair dealing, and of care.
Rationale: To hold leaders accountable to the social enterprise.
4. Innovation Protection
Adopters shall institute governance by which original works and ideas are protected in ways that balance market forces and social enterprise principles.
Rationale: Social enterprise principles for collective cyber resilience should not undermine incentives that drive innovation.
5. Trust Protection
Adopters shall institute governance that balances collective interests with innovation principles.
Rationale: Innovators benefit for the trust established from a trusted partnership, and innovation incentives should not undermine trust that underpins the community.
6. Main Street Friendly
Adopters should institute “Main Street Friendly” * business rules, policies and programs to advance economic vitality and innovation in the surrounding locality.
Rationale: Think Globally, Act Locally (in the context of building local cyber markets)
5. Nurture Small Business
Adopters should institute “Main Street Friendly” business rules, policies and programs that ensure that small businesses are not squeezed out of the local cyber market.
Rationale: About 50% of GDP and Employment comes from Small Business
[*] The Open Commons Framework™ acknowledges the influences of the Open Source Definition. It is not that Open Commons and Open Source share roots in software development. Rather, it is the philosophical approach behind Open Source which broke through the proprietary code mentality of software development. The Open Commons Framework™ derives its raison d’etre and its inspiration from a mirrored belief that
innovation in cyber depends upon a collective approach built upon the trust of a shared vision.