Information-Sharing Policy and Cybersecurity
Security through obscurity is dead–government and industry increasingly realize that soliciting and sharing information about security vulnerabilities and hacks is a vital part of building a more secure cyber ecosystem. How and when these disclosures take place, as well as to whom they are made, have impacts on the market forces shaping cybersecurity and on the broader cyber risk landscape. And, the ways in which organizations, including government, respond to incidents and take lessons away shape their cyber future.
The SEC wants to require fast, public disclosure of cybersecurity incidents. These rules could benefit investors—and the cyber ecosystem.
The Atlantic Council’s Cyber Statecraft Initiative, under the Digital Forensic Research Lab (DFRLab), works at the nexus of geopolitics and cybersecurity to craft strategies to help shape the conduct of statecraft and to better inform and secure users of technology.