TechREG® Chronicle – Cybersecurity

Dear Readers,

Cybersecurity – typically understood as the practice of protecting networks, devices, and data from unauthorized or criminal use – has long been the domain of computer scientists and other specialists that wield their knowledge as so-called “white hat” hackers that defend against the nefarious activities of the “black hats.”

Michael Daniel opens, noting that in most countries, organizations have traditionally faced few cybersecurity regulations. However, as the (perceived) cybersecurity threat has grown and the dependence on IT has grown, nations are increasingly turning to regulation as a method to improve their security. His article lays out five principles governments should follow to create more effective regulations: creating standards of care that vary by industry, criticality, and size; limiting complexity in any regulations; reallocating the security burden to the organizations in the ecosystem best positioned to handle it; avoiding zero-tolerance for failure; and harmonizing the rules across industries and jurisdictions whenever possible. Following these principles would produce regulations more likely to achieve the desired outcome of a more secure digital ecosystem.

Michael G. McLaughlin addresses how the specific risks posed by TikTok have garnered attention due to concerns about potential threats to users and to national security in the U.S. Recent reports suggest that cyberattacks, including those linked to China, are increasi