Harms arising from cybersecurity flaws.
Everyone agrees on the need for more and better cybersecurity. But what exactly does that look like, and how can industry and government get there? Answering these questions requires examining both what behaviors technology designers and operators—such as companies that make software or hold and process sensitive data—should emulate and how government can incentivize or require this behavior. This issue area covers cyber standards and policy and regulatory structures to advance their adoption such as software liability.
Projects
“Reasonable” Cybersecurity in Forty-Seven Cases: The Federal Trade Commission’s Enforcement Actions Against Unfair and Deceptive Cyber Practices
The FTC has brought 47 cases against companies for unfair or deceptive cybersecurity practices. What can we learn from them?
The Cyber Statecraft Initiative, part of the Atlantic Council Tech Programs, works at the nexus of geopolitics and cybersecurity to craft strategies to help shape the conduct of statecraft and to better inform and secure users of technology.