Hosted by Greater Washington DC Chapter of the Internet SocietyPanelists
Olaf Kolkman – Chief Internet Technology Officer, The Internet Society
Tom Gann – Government Affairs Lead, McAfee
Jeff Greene - Senior Director, Global Government Affairs and Policy, Symantec
Aarti Soni - Senior Vice President Cyber Claims Advocacy Leader, Marsh
Moderated by Ari Schwartz - Managing Director of Cybersecurity Services, Venable
How does policy impact evolution and innovation of cybersecurity markets and the tech sector?
How can technology, standards-setting, and policy narrow the scope of risk within which cyber defenders operate?
How can policy, markets, and the tech sector help to create the incentives necessary to enhance the security of the Internet?
The Internet has become critical infrastructure and 20 billion devices are expected to be connected by 2020. As the Internet grows, cyber threats have increased alarmingly in number and in scope, threatening every sector of the economy and society and defending the Internet against cyber attacks is one of the great challenges of our time. However, there is no consensus on how to build meaningful cybersecurity into our complex Internet ecosystem. Direct regulation has largely been rejected as too heavy-handed and damaging to innovation. Although there is a growing insurance market to cover the costs of cyber breaches, liability has not been applied to software vendors and has not taken root in the legal system even as industry standardization bodies move slowly in this direction. Existing incentive patterns make disclosure of breaches haphazard at best.
Economic and business incentives, whether through industry self-regulation or government action, may be the most effective mechanism. Such incentives could reduce the risk faced by network and IT system security specialists. Our distinguished panelists will examine what incentives currently exist and what their impact has been, as well as the question of where incentives should emanate from: Industry self-regulation? Public-private partnerships? Government regulation? Or some combination of these? What would be the most effective strategy? Which are easy to put in place and which the most difficult?