Incentives for Cybersecurity

Paul Rosenzweig
Tuesday, August 6, 2013, 2:02 PM
Consistent with the earlier cybersecurity Executive Order, the Administration has been working on ways of incetivizing the private sector to adopt the Cybersecurity Framework under development by NIST.  Earlier today, the White House announced the outlines of its incentives policy.  It anticipates offering incentives in 8 separate areas:
  • Cybersecurity Insurance 
  • Grants
  • Process Preference
Meet The Authors

Published by The Lawfare Institute
in Cooperation With
Brookings

Subscribe to Lawfare
Consistent with the earlier cybersecurity Executive Order, the Administration has been working on ways of incetivizing the private sector to adopt the Cybersecurity Framework under development by NIST.  Earlier today, the White House announced the outlines of its incentives policy.  It anticipates offering incentives in 8 separate areas:
  • Cybersecurity Insurance 
  • Grants
  • Process Preference
  • Liability Limitation
  • Streamline Regulations
  • Public Recognition
  • Rate Recovery for Price Regulated Industries
  • Cybersecurity Research
The announcement is short on details, but long on ambition.   And I have not yet found (much less read) the underlying  reports.  But if fully implemented to the maximum extent permitted by existing law, these types of changes would put a significant effort behind efforts to drive the public sector toward the NIST security model -- all without the need for Congressional legislation.
Back to Top
Paul Rosenzweig

Paul Rosenzweig

@RosenzweigP
Read More
Paul Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company. He formerly served as deputy assistant secretary for policy in the Department of Homeland Security. He is a professorial lecturer in law at George Washington University, a senior fellow in the Tech, Law & Security program at American University, and a board member of the Journal of National Security Law and Policy.
}

Subscribe to Lawfare