The COVID pandemic has accelerated the growth and diversity of public-private partnerships. Most of the new ones are focused on various aspects of COVID mitigation and/or recovery. I've been writing quite a bit wondering what other areas of public policy the P3 model could address.
Cybersecurity is one interesting such area. Governments have been dealing with cybersecurity for a long time, and have become quite sophisticated in it. Businesses, however, are relatively new to the game. This article discusses some of the challenges and ways to encourage governments to be more willing to enter into partnerships with business to improve cybersecurity at a societal / economy-wide level.
In most P3 models, it's often perceived that the private sector is bringing the expertise to the table (I don't actually believe that myself, but it's an often-preconceived notion I encounter). In the case of cybersecurity, though, while there are certainly incredibly experienced private-sector partners, it's usually the governments that have more experience and sophistication to offer. And they often need to deal with their need for secrecy and reluctance to share trade secrets to make their partners better. This is a new area for formal P3s, but certainly one that makes lots of sense.
Twenty years ago, no one outside government needed to know these high-security approaches. But in a world where businesses report cyberattacks as their number-one risk, it is unreasonable to expect businesses to defend against those attacks without a full understanding of their options.