MAY 24, 2019 | US
Progress in Cybersecurity: Toward a System of Measurement
Lawfare, May 24, 2019
By Paul Rosenzweig
From Paul Rosenzweig, Senior Fellow at R Street Institute: Recently, BSA released its new Framework for Secure Software. The framework is advanced as a way of assessing and measuring the security of software products along the entire lifecycle of a piece of software—from conception and design to patching and replacement, along with everything in between. Two aspects of this effort are noteworthy and commendable. First, the document is notable simply for its existence. Historically, the software industry (and the hardware industry) have disclaimed any liability for the functioning of their products. At a broader societal scale, there are reasons to think that's the wrong answer, but there is also a good economic reason why the industry might take that view. And so, it is really quite remarkable (and politically brave) for the software industry to articulate any standards at all—for in doing so they will, inevitably, be inviting someone to suggest that those standards are enforceable in law to the disbenefit of industry members. Self-regulation is a good thing—but it carries with it some risks. Good on BSA for moving ahead anyway.
Original Posting: https://www.lawfareblog.com/progress-cybersecurity-toward-system-measurement
ÜBER BSA
BSA | The Software Alliance (www.bsa.org) ist die globale Stimme der Software-Industrie gegenüber Politik und Wirtschaft. Die Mitglieder der BSA gehören zu den innovativsten Unternehmen weltweit und erarbeiten neue Software-Lösungen, die die Wirtschaft antreiben und das moderne Leben von heute prägen.
Die BSA mit Hauptsitz in Washington, D.C., und Niederlassungen in über 30 Ländern weltweit leistet Pionierarbeit in der Schaffung von Programmen zur Einhaltung und Durchsetzung geistiger Eigentumsrechte und der Einführung von Richtlinien, auf deren Basis technologische Innovationen und die digitale Wirtschaft gefördert werden.