Or maybe we need a new definition of cyberinsecurity. Whatever it is, the current U.S. government definition is outdated. But I should start at the beginning …
Latest in DayZero
As cybercrime spreads in its many mutations, governments and regulators across the globe continue to develop a variety of solutions. One regulatory method that has gained in popularity and sophistication in recent years is the financial response to cybercrime. The United States in particular has explored financial sanctions at the “front end,” to deprive cybercriminals of access to financial channels, and financial penalties at the “back end,” particularly asset forfeiture, to recover the proceeds of criminal activity.
The federal government isn’t often held up as a model for IT innovation and efficiency, but there are areas where they should be. An example of a policy directive that has paid dividends is the Continuous Diagnostics and Mitigation (CDM) program, whose aim is to give civilian government agencies a sensible, cost-effective way to upgrade their cybersecurity posture. CDM is available to other organizations as well—such as state, local, regional and tribal governments and the U.S.
In December, following the Planned Parenthood shooting and San Bernardino attacks, I shared some thoughts on the differences between domestic and international terrorism laws in the U.S. There, I argued that it was both rational and protective of civil liberties to avoid extending the substantive offenses and law enforcement authorities of international terrorism domestically.