Cybersecurity policies should marshal market forces to protect the information systems that are indispensable to a thriving digital economy. They must promote rapid innovation and adaptation in the face of a constantly evolving threat landscape. And because the economy is global, they must be internationally cohesive.
Specific policy actions needed:
Strengthening cybersecurity capabilities
- Promote real-time sharing of cyber threat information while protecting privacy and civil liberties.
- Modernize and strengthen the public-private partnership that protects the nation’s critical cyber infrastructure without putting undue regulatory burdens on industry.
- Support cyber R&D with greater resources for research and education to improve US cybersecurity.
- Give technologists in federal agencies greater authority and responsibility for identifying and correcting vulnerabilities in government IT systems.
- Increase law enforcement’s domestic and international tools, resources, and capabilities.
- Streamline compliance for businesses and reduce confusion for consumers by establishing a uniform national standard that requires consumers to be notified when their personal data has been compromised to an extent that presents a substantial risk of harm.