[kictanet] Fwd: [Internet Policy] Role of governments in cybersecurity

Barrack Otieno otieno.barrack at gmail.com
Thu Nov 8 12:20:31 EAT 2018 

Listers,

Might be of interest.

Regards

---------- Forwarded message ---------
From: Richard Hill <rhill at hill-a.ch>
Date: Thu, Nov 8, 2018 at 10:43 AM
Subject: [Internet Policy] Role of governments in cybersecurity
To: Internetpolicy at Elists. Isoc. Org <internetpolicy at elists.isoc.org>



This EU report well explains the traditional role of governments with
respect to ensuring safety and security, and how that role might be mapped
to modern ICTs:

https://publications.europa.eu/en/publication-detail/-/publication/80bb1618-16bb-11e8-9253-01aa75ed71a1/language-en

I cite below from the Introduction.

Best,
Richard

====================

Governments have long had an important role in maximising social welfare by
regulating safety and security, where private-sector providers do not have
the incentives to do this properly. The motor industry spent many decades
competing to decorate cars with chromium rather than fit them with seat
belts, until the Product Liability Directive, mandatory safety testing and
the provision of crashworthiness information moved them in a more wholesome
direction. The regulation of drugs has moved us from the Wild West of
nineteenth-century patent medicines to modern standards of safety and
efficacy assessed by randomised controlled trials (the safety of medical
devices lags somewhat behind). Regulation also plays a key role in consumer
confidence; financial regulation and deposit guarantees enable consumers to
trust the banking industry despite occasional crises.

The last twenty years have seen the Internet becoming the main vehicle for
interpersonal communication and for financial services, as well as a key
medium for entertainment, advertising and shopping. The next twenty will
see computer-mediated communications embedded invisibly everywhere, from
cars and domestic appliances to industrial control systems and medical
devices. Large areas of regulation will have to be revisited as the
dependability – the safety and security – of computer and communications
systems becomes critical to the safety of vehicles, medical devices, and in
fact the whole infrastructure on which our societies depend. Indeed, in
many languages, ‘safety’ and ‘security’ are the same word (Sicherheit,
sûureté, seguridad, sicurezza, trygghet, ... ).

... What should this regulatory framework look like a decade from now? Will
cybersecurity require a powerful, cross-domain regulator; or will each
sector regulator acquire a cell of cybersecurity expertise; or will it be
some mixture of general and sectoral approaches; or will we need to develop
something else entirely?

...

The goals and mission of a cybersecurity regulator may therefore be some
mix of the following:
1. Ascertaining and agreeing protection goals 2. Setting standards 3.
Certifying standards achievement and enforcing compliance 4. Reducing
vulnerabilities 5. Reducing compromises 6. Reducing system externalities


_______________________________________________
To manage your ISOC subscriptions or unsubscribe,
please log into the ISOC Member Portal:
https://portal.isoc.org/
Then choose Interests & Subscriptions from the My Account menu.


-- 
Barrack O. Otieno
+254721325277
+254733206359
Skype: barrack.otieno
PGP ID: 0x2611D86A
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20181108/1da794ed/attachment.htm>

More information about the KICTANet mailing list