CONGRESS MUST REAUTHORIZE CISA 2015
The Cybersecurity Information Sharing Act (CISA) of 2015 is arguably the most successful cybersecurity legislation ever enacted. It uses market incentives (liability protection) to incentivize critical information sharing between industry and the government. It is currently scheduled to expire in three months. Disabling our most fundamental cybersecurity mechanism would take place at a time of […]
THOUGHTS FROM THE WORLD ECONOMIC FORUM – REIMAGINING CYBER REGULATIONS
Last week, I was honored to be asked to lead the session on reimagining cyber regulations at the World Economic Forum event in Paris. The Forum relies on the Chatham House Rule, so I will await their report on the meeting; however, below is the text from which I drew the opening statement for the […]
UPCOMING ISA EVENT – CISA 2015 REAUTHORIZATION BRIEFING
6/25 ISA EVENT: IT SECTOR COORDINATING COUNCIL TO BRIEF CONGRESS ON CISA 2015 REAUTHORIZATION JOIN US! On June 25 in Cannon 401, the IT Sector Coordinating Council will hold a briefing on the need to reauthorize the 2015 Cybersecurity Information Sharing Act (CISA – the law not the agency). The briefing will begin at noon and end […]
WHY HARMONIZING CYBER REGULATION WON’T WORK – AND WHAT WILL
WHY CYBER REGULATORY HARMONIZATION WON’T WORK The core reason cybersecurity regulatory harmonization won’t work is that it doesn’t promise to improve the effectiveness of our regulations. Harmonization should not be understood as the goal of our efforts to improve our cybersecurity regulatory system. Our goal must be effectiveness, i.e., to actually improve our cybersecurity. Unless […]
