MAY 24, 2019 | US
Progress in Cybersecurity: Toward a System of Measurement
Lawfare, May 24, 2019
By Paul Rosenzweig
From Paul Rosenzweig, Senior Fellow at R Street Institute: Recently, BSA released its new Framework for Secure Software. The framework is advanced as a way of assessing and measuring the security of software products along the entire lifecycle of a piece of software—from conception and design to patching and replacement, along with everything in between. Two aspects of this effort are noteworthy and commendable. First, the document is notable simply for its existence. Historically, the software industry (and the hardware industry) have disclaimed any liability for the functioning of their products. At a broader societal scale, there are reasons to think that's the wrong answer, but there is also a good economic reason why the industry might take that view. And so, it is really quite remarkable (and politically brave) for the software industry to articulate any standards at all—for in doing so they will, inevitably, be inviting someone to suggest that those standards are enforceable in law to the disbenefit of industry members. Self-regulation is a good thing—but it carries with it some risks. Good on BSA for moving ahead anyway.
Original Posting: https://www.lawfareblog.com/progress-cybersecurity-toward-system-measurement
SOBRE A BSA
A BSA | The Software Alliance (www.bsa.org) é a principal defensora do setor global de software perante governos e no mercado internacional. Seus membros estão entre as empresas mais inovadoras do mundo, criando soluções de software que estimulam a economia e melhoram a vida moderna.
Com sede em Washington, DC e operações em mais de 30 países, a BSA promove programas de conformidade que promovem o uso legal de software e defendem políticas públicas que promovem a inovação tecnológica e o crescimento da economia digital.