FIRST DO NO HARM: THE MANTRA FOR NEW CYBER REGULATION
The traditional regulatory model – when applied to cybersecurity – is actually anti-security. For all the discussion around the Biden Administration’s new cyber strategy generating new regulations, this one simple fact remains. There is no evidence the cyber regs are working. The real question is not so much how much new regulations there ought to be. Rather, the question is how new the regulations ought to be. In its recently released 2023 National Cybersecurity Strategy, The White House states “Effective regulations minimize the cost and burden of compliance, enabling organizations to invest resources in building resilience, and defending their systems and assets. By leveraging existing international standards in a manner consistent with current policy