Industrial policies are appropriate when market failures have led to the under-provision of a good or service. The cybersecurity industry’s growth has been held back for several reasons, including intractable labor shortages. Vinod K. Aggarwal and Andrew W. Reddie write in Defense One that both the United States and United Kingdom suffer from a documented shortage of skilled programmers and computer scientists working on cybersecurity issues, and the U.S. alone is projected to have a shortage of 1.2 million professionals by 2022, according to the Center for Strategic and International Studies. The market has also been hindered by so-called “information problems,” as firms are often not aware of their own vulnerabilities and avoid sharing information about data breaches given the reputation costs associated with disclosure. So what can the government do about it?