Estimated reading time: 1 minute, 52 seconds

More Cybersecurity Regulations Needed: Experts

The surging wave of cyberattacks in the first six months of 2021 has led to calls for new private-sector cybersecurity rules.

As The Washington Post reports, 86% of cybersecurity experts on the newspaper’s 100-person panel now feel that the government should impose basic cybersecurity requirements for companies vital to U.S. national and economic security.

cyber security 3400555 640Not long ago, it was standard for government officials to maintain that voluntary standards, not mandatory regulations, were enough, reasoning that companies would invest appropriately to avoid the bad publicity of a major hack. But Michael Daniel, former White House cyber coordinator during the Obama administration, noted that a level of cybersecurity that makes sense for a private company might be too little to serve the public interest.

Jay Kaplan, co-founder of the cybersecurity firm Synack, told the Post: “As a society, we’ve gone to great lengths to establish environmental, food, automotive and housing standards that private industry must abide by to help ensure public safety. It’s time to apply those same principles to cybersecurity.”

David Hickton, founding director of the University of Pittsburgh Institute for Cyber Law, Policy, and Security, told the Pittsburgh Post-Gazette that the government should abide by the March 2020 recommendations of the congressionally established Cyberspace Solarium Commission. “While recognizing that private-sector entities have primary responsibility for the defense and security of their networks,” the panel’s report reads, “the U.S. government must bring to bear its unique authorities, resources, and intelligence capabilities to support these actors in their defensive efforts.”

Lawmakers on both sides of the aisle are calling for legislation to beef up the nation’s cyber defenses, reports WGN. “This is a question of aggressively pursuing protection against cyber-attacks," said Rep. Brian Higgins (D-N.Y.).

But the Obama administration’s attempts to enact cybersecurity legislation for systemically important private companies failed under industry pressure. As CNBC reports, cybersecurity experts also propose the development of a set of cybersecurity standards, like the generally accepted accounting principles used by businesses for financial reporting.

Michael Daniel, also the president and CEO of the Cyber Threat Alliance, told CNBC that a robust set of cybersecurity standards would help companies treat cybersecurity not as a problem they can dodge, but as a risk to be managed.

Read 1815 times
Rate this item
(0 votes)

Visit other PMG Sites: