MAY 24, 2019 | US
Progress in Cybersecurity: Toward a System of Measurement
Lawfare, May 24, 2019
By Paul Rosenzweig
From Paul Rosenzweig, Senior Fellow at R Street Institute: Recently, BSA released its new Framework for Secure Software. The framework is advanced as a way of assessing and measuring the security of software products along the entire lifecycle of a piece of software—from conception and design to patching and replacement, along with everything in between. Two aspects of this effort are noteworthy and commendable. First, the document is notable simply for its existence. Historically, the software industry (and the hardware industry) have disclaimed any liability for the functioning of their products. At a broader societal scale, there are reasons to think that's the wrong answer, but there is also a good economic reason why the industry might take that view. And so, it is really quite remarkable (and politically brave) for the software industry to articulate any standards at all—for in doing so they will, inevitably, be inviting someone to suggest that those standards are enforceable in law to the disbenefit of industry members. Self-regulation is a good thing—but it carries with it some risks. Good on BSA for moving ahead anyway.
ACERCA DE BSA
BSA | The Software Alliance (www.bsa.org) es el principal defensor de la industria global del software ante los gobiernos y en el mercado internacional. Sus miembros se encuentran entre las compañías más innovadoras del mundo, creando soluciones de software que impulsan la economía y mejoran la vida moderna.
Con sede central en Washington, DC y operaciones en más de 30 países, BSA es pionera en programas de cumplimiento normativo diseñados para fomentar el uso legal de software, y apoya políticas públicas que incentivan la innovación tecnológica e impulsan el crecimiento de la economía digital.