Innovation and Cybersecurity Regulation

The market has failed to secure cyberspace.  A ten-year experiment in faith-based cybersecurity has proven this beyond question.

A new Federal approach to cybersecurity will fail if it does not elicit actions that the private sector will not otherwise perform.

Regulation and innovation are not inherently at odds.  If one extreme – over-regulation - damages the public interest, so does its opposite, a lack of Federal intervention to advance the common interest.  Whether this is financial activity, food safety, or automobiles, there are many examples where the Federal government imposed rules and mandated action by the private sector to secure the public, dating back to the early 19th century.  One lesson to draw from this experience is that regulation can inspire innovation, by creating demand for new and safer products and by encouraging innovators to work in a conceptual framework that does not make security and safety a tertiary concern.