Cybersecurity’s First Crash Report
Kicking off a packed episode, the Cyberlaw Podcast calls on Megan Stifel to cover the first Cyber Safety Review Board (CSRB) Report. The CSRB does exactly what those of us who supported the idea hoped it would do – provide an authoritative view of how the Log4J incident unfolded along with some practical advice for cybersecurity executives and government officials.
Jamil Jaffer tees up the second blockbuster report of the week, a Council on Foreign Relations study called “Confronting Reality in Cyberspace Foreign Policy for a Fragmented Internet.” I think the study’s best contribution is its demolition of the industry-led claim that we must have a single global internet. That has not been a realistic prospect for a decade, and pursuing that vision has kept the U.S. from fully defending its own interests in cyberspace, so CFR’s realism is welcome. Less welcome is its utterly wrong claim that the U.S. can resolve its transatlantic dispute with Europe by adopting a European-style privacy law. Europe has no real remaining beef with us on privacy regulation of industry (we surrendered); now the fight is over Europe’s demand that we rewrite our intelligence and counterterrorism laws, a demand that new privacy legislation won’t satisfy. Jamil Jaffer and I debate both propositions.
Megan discloses the top cybersecurity provisions added to the House defense authorization bill – notably the five year term for the head of Cybersecurity and Infrastructure Security Agency (CISA) and a cybersecurity regulatory regime for systemically critical industry. The Senate hasn’t weighed in yet, but both provisions now look more likely than not to become law.
Regulatory cybersecurity measures are the flavor of the month in Washington. The latest evidence: The Biden White House is developing a cybersecurity strategy that is expected to encourage more regulation. Jamil reports on the development but is clearly hoping that my prediction of more regulation does not come true.
Speaking of cybersecurity regulation, Megan kicks off a discussion of Department of Homeland Security’s CISA weighing in to encourage new regulation from the Federal Communication Commission (FCC) to incentivize a shoring up of the Border Gateway Protocol’s security. Jamil thinks the FCC would do better looking for incentives than punishments.
Article from Reason.com
