Through dynamic and cost-effective solutions, Congress can make cyberspace a safer and more productive place for U. More important, they misunderstand that their own cyber insecurity has collateral effects on others—effects for which they are responsible. Government Accountability Office (GAO) has found, such an approach would be more like an anchor holding back U. entities while not providing additional security. Congress should reject a regulatory approach and adopt legislation that will actually improve the nation’s cybersecurity.
Once in place, regulations are very difficult to remove or even change.
The cybersecurity status quo is unstable, especially when considering the enormous and growing scope of these threats. Nation-states such as Russia, China, and Iran are more than willing to steal or destroy U. digital property to further their power or prestige.
There is, therefore, a role for the federal government to encourage actions that will improve the overall cybersecurity posture of the U. That role, however, is not to set mandatory regulations. Such legislation must be able to adjust to the continuously developing challenge that is today’s cyber environment.
Ultimately, a significant number of relevant players believed—and still do—that regulation is the wrong way to foster cybersecurity.
Such concerns prevented the Cybersecurity Act of 2012 from becoming law.