G2TT
来源类型Research Reports
规范类型报告
DOIhttps://doi.org/10.7249/RR1700
ISBN9780833096869
来源IDRR-1700-WFHF
A Framework for Exploring Cybersecurity Policy Options
Igor Mikolic-Torreira; Ryan Henry; Don Snyder; Sina Beaghley; Stacie L. Pettyjohn; Sarah Harting; Emma Westerman; David A. Shlapak; Megan Bishop; Jenny Oberholtzer; et al.
发表日期2016
出版年2016
页码106
语种英语
结论

Cybersecurity Suffers from a Lack of Demand in the Market

  • Participants saw few incentives to encourage cybersecurity best practices among technology producers or to educate consumers on their role in protecting their personal data. Participants agreed that data breaches and other exploits unfairly burden consumers. Policies to remedy this imbalance would shift the consequences toward technology developers or producers, as well as penalize attackers.
  • Participants saw a need for market forces to reward security and penalize insecurity. They identified a role for government in classifying products by degree of cybersecurity (assessed through certifications or performance standards). They also agreed that cybersecurity should be prioritized according to the impact of failure, with health and safety devices being the most critical targets for regulation.

Effective Solutions to Cybersecurity Challenges Consider the Interests of a Range of Stakeholders

  • Participants saw a need for public-private partnerships in any successful solution to cybersecurity challenges. However, the focus of these partnerships differed with the games' locations. For example, Washington participants saw a greater role for government in implementing additional protections. Silicon Valley participants were more likely highlight the tech sector's role in changing its business practices to prioritize security.
  • Participants in both games saw the entire system for establishing identity and authenticating transactions as fundamentally broken. They agreed that overuse and overreliance on documents and credentials not created for these purposes (such as Social Security numbers) was a fundamental cybersecurity weakness. Proposed solutions highlighted a need for flexibility in authentication. Participants also suggested empowering consumers to selectively freeze and unfreeze certain types of financial transactions.
摘要
  • Develop cybersecurity standards and certifications, including identification standards that can improve the security of online transactions.
  • Implement a bill of user's rights to help users make informed cybersecurity decisions when purchasing devices.
  • Encourage information sharing between government and industry, and within these sectors, to facilitate action against cybersecurity vulnerabilities and exploits.
  • Provide financial incentives for improved cybersecurity, such as through programs that incentivize users to replace obsolete and potentially vulnerable devices.
  • Direct government funding toward developing effective cybersecurity standards and achieving compliance in an affordable manner.
  • Educate consumers, through public awareness campaigns or school curricula, on cyber risk and cybersecurity best practices.
  • Develop a system of security labeling, similar to food nutrition labels, to allow consumers to compare technology products side by side.
主题Analytic Gaming ; Cyber and Data Sciences ; Cybercrime ; Databases and Data Collection ; Analysis ; and Processing ; Information Privacy ; The Internet
URLhttps://www.rand.org/pubs/research_reports/RR1700.html
来源智库RAND Corporation (United States)
引用统计
资源类型智库出版物
条目标识符http://119.78.100.153/handle/2XGU8XDN/108283
推荐引用方式
GB/T 7714
Igor Mikolic-Torreira,Ryan Henry,Don Snyder,et al. A Framework for Exploring Cybersecurity Policy Options. 2016.
条目包含的文件
文件名称/大小 资源类型 版本类型 开放类型 使用许可
x1495316266561.jpg(9KB)智库出版物 限制开放CC BY-NC-SA浏览
RAND_RR1700.pdf(1085KB)智库出版物 限制开放CC BY-NC-SA浏览
个性服务
推荐该条目
保存到收藏夹
导出为Endnote文件
谷歌学术
谷歌学术中相似的文章
[Igor Mikolic-Torreira]的文章
[Ryan Henry]的文章
[Don Snyder]的文章
百度学术
百度学术中相似的文章
[Igor Mikolic-Torreira]的文章
[Ryan Henry]的文章
[Don Snyder]的文章
必应学术
必应学术中相似的文章
[Igor Mikolic-Torreira]的文章
[Ryan Henry]的文章
[Don Snyder]的文章
相关权益政策
暂无数据
收藏/分享
文件名: x1495316266561.jpg
格式: JPEG
文件名: RAND_RR1700.pdf
格式: Adobe PDF

除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。