Management of technology deserves policy reform like all other parts of economy

Summary

Former Facebook CISO Alex Stamos proposed building a cyberspace equivalent of the National Transportation Safety Board (NTSB). He said, “such an agency would track attacks, conduct investigations into the root causes of vulnerabilities and issue recommendations on how to prevent them in the future.” Stamos points how the public accounting of hacks like SolarWind do not yield the vital lessons learned that can be applied to minimize the likelihood of a similar event in future.

Report

Analysis

Beyond creating an NTSB-like entity, the first policy reform step should be around the creation of more fundamental standards setting on the management of technology and disclosure of risks. To use the automobile analogy, after years of unnecessarily fatal incidents on the road, the government enacted laws in the automobile sector to make cars safer and more secure. Such laws don’t exist for digital technology but until they do, breaches that could otherwise be avoided or minimized won’t be. Companies like SolarWind and many other 1-2-Star companies will carry on with inadequate security. They will jeopardize customers and partners while not breaking any laws or violating any standards in the process.

The lesson on the need for some baseline standards of performance, enforced through a mix of policy and regulation has been hard won in all other facets of the economy such as pharmaceuticals, airlines and environmental protection. The same is needed for something that now drives the economy—digital technology.

We use cookies to make our website more user-friendly and effective

The Cyberhedge Indices Cookie Policy

What are the Cyberhedge Cyber Governance Indices?

These first ever benchmarks prove good cyber governance matters to shareholder value. They measure stock market performance of companies with good and with bad cyber governance scores. Scores are based on Cyberhedge’s proprietary cyber governance rating methodology. Market performance is tracked by an independent firm. The results show that companies with good cyber governance outperform their peers in US, UK, and EU markets.

Information that we collect

Here you can see and customize the information that we collect about you. To learn more, please read our privacy policy

Continue on website