The Quad: Carved in Code: Shaping (Inter)national Security through Reshaping Economic Incentives

This policy brief explores the cooperation of the Quad governments (Australia, the United States, and India) on tackling cyber borne threats to (inter)national security, focusing on their pledge to pursue certain minimum security standards for software procurement. After detailing the suboptimal state of software security, this policy brief will explain why governments need to provide a robust policy response and how the Quad does so. In this vein, the aforementioned pledge by the four governments is presented as a suitable policy option. The policy brief will argue this with reference to: the benefits of the pledge leveraging economic incentives to shape vendor behaviour, rather than enacting coercive statutory regimes for all software marketed in the Quad countries; the pledge functioning as a tool with which the Quad can counter structural issues in the software ecosystem; and the pledge enabling the Quad’s internal credibility and thus making the four governments coalesce around implementing it and uplifting softwares ecurity. It will conclude by pointing to how the benefits of the Pledge are easily transferable outside the Quad, helping position it as a positive force for encouraging the cyber resilience of societies and economies.