Can cybersecurity profit from corporate self-interest?
The telecom industry’s insistence that all regulation is bad for security does a disservice to those who rely on critical infrastructure.
Market forces are no substitue for regulation in developing good cybersecurity policies, writes GCN columnist in his CyberEye column.
Despite pleas from industry to Congress that cybersecurity regulation stifles innovation, experience shows that "relying exclusively on market forces as an incentive for securing networks, coupled with an insistence that all regulation is bad for security, does a disservice to those who rely on this critical infrastructure." Jackson writes.
Commercial self-interest is indeed a motivation for companies to secure their networks, Jackson writes. But, he adds, "[I]t also is wrong to ignore the fact that the security of the nation's critical infrastructure currently is inadequate, that commercial self-interest provides only limited incentive for security investments to a company that is dedicated to producing a profit for shareholders, and that the government has a legitimate interest in the security of the infrastructure that is critical to our economy and safety."
Read the full column here.