Operationalizing Cybersecurity Due Diligence: A Transatlantic Comparative Case Study

28 Pages Posted: 14 Jan 2016

See all articles by Scott Shackelford

Scott Shackelford

Indiana University - Kelley School of Business - Department of Business Law; Harvard Kennedy School Belfer Center for Science & International Affairs; Center for Applied Cybersecurity Research; Stanford Center for Internet and Society; Stanford Law School

Scott Russell

Indiana University Bloomington - Center for Applied Cybersecurity Research

Date Written: January 12, 2016

Abstract

Although much work has been done on applying the law of warfare to cyber attacks, far less attention has been paid to defining a law of cyber peace applicable below the armed attack threshold. Among the most important unanswered questions is what exactly nations’ due diligence obligations are to one another and to the private sector, as well as how these obligations should be translated into policy. In this Article, we analyze how both the United States and the European Union are operationalizing the concept of cybersecurity due diligence, and then move on to investigate a menu of options presented to the European Parliament in November 2015 by the authors to further refine and apply this concept.

Keywords: cybersecurity, NIS Directive, General Data Privacy Regulation, EU data privacy, Cybersecurity Act of 2015, cyber attack

Suggested Citation

Shackelford, Scott J. and Russell, Scott, Operationalizing Cybersecurity Due Diligence: A Transatlantic Comparative Case Study (January 12, 2016). South Carolina Law Review, 2016; Kelley School of Business Research Paper No. 16-16. Available at SSRN: https://ssrn.com/abstract=2714529

Scott J. Shackelford (Contact Author)

Indiana University - Kelley School of Business - Department of Business Law ( email )

Bloomington, IN 47405
United States

Harvard Kennedy School Belfer Center for Science & International Affairs ( email )

79 JFK Street
Cambridge, MA 02138
United States

Center for Applied Cybersecurity Research ( email )

Wylie Hall 105
100 South Woodlawn
Bloomington, IN 47405
United States

Stanford Center for Internet and Society ( email )

Palo Alto, CA
United States

Stanford Law School ( email )

Stanford, CA 94305
United States

Scott Russell

Indiana University Bloomington - Center for Applied Cybersecurity Research ( email )

Wylie Hall 105
100 South Woodlawn
Bloomington, IN 47405
United States

Register to save articles to
your library

Register

Paper statistics

Downloads
394
rank
71,168
Abstract Views
1,668
PlumX Metrics