Why the Cybersecurity Framework Will Make Us Less Secure
20 Pages Posted: 12 Jul 2018
Date Written: 04/17/2014
The "Cybersecurity Framework" is an ambitious plan to federally categorize industries and prioritize vulnerabilities as determined by federal agencies and private consultants. Cybersecurity Framework proponents believe this federally designed, initially voluntary set of standards can improve cybersecurity for protected firms and industries that the Department of Homeland Security designates as "critical infrastructure sectors." In reality, much of the functioning Internet governance that users enjoy today is not a product of government committees but rather a natural emergence from the rules and incentives that permeate the Internet, called "dynamic cybersecurity." What is more, the Cybersecurity Framework is likely to cause more problems than it solves. This paper describes dynamic cybersecurity provision, contrasts this with the shortcomings of the Cybersecurity Framework, and proposes better reforms to improve dynamic cybersecurity provision for critical infrastructure.
Suggested Citation: Suggested Citation