Availability's Law

50 Pages Posted: 13 Apr 2020

See all articles by Ido Kilovaty

Ido Kilovaty

University of Tulsa College of Law; Yale University - Law School

Date Written: April 4, 2020

Abstract

Cybersecurity incidents affecting the availability of computers, networks, and data are on the rise. Distributed Denial-of-Service and ransomware attacks can bring down critical systems and databases, making them unavailable when most needed, potentially affecting every individual, industry, sector, and branch of government. This Article critically evaluates cybersecurity law’s gap in addressing the growing threat of availability attacks to information technology systems. While cybersecurity law is defined as the legal framework that “promotes the confidentiality, integrity, and availability of public and private information, systems, and networks…”, this Article argues that cybersecurity law is overwhelmingly concerned with confidentiality and integrity, often to the exclusion of availability. This Article offers a theory as to why availability is so often ignored by cybersecurity law, and why it should not be. This Article also acknowledges that while cybersecurity law at present is unsatisfactory, certain regulatory and market-based solutions can alleviate the risks arising from availability threats that are currently not covered by the law.

Keywords: cybersecurity law, availability attacks, distributed denial of service, ransomware

Suggested Citation

Kilovaty, Ido, Availability's Law (April 4, 2020). Tennessee Law Review, Vol. 88, 2020, Available at SSRN: https://ssrn.com/abstract=3568790

Ido Kilovaty (Contact Author)

University of Tulsa College of Law ( email )

3120 E. Fourth Place
Tulsa, OK 74104
United States

Yale University - Law School ( email )

P.O. Box 208215
New Haven, CT 06520-8215
United States

Here is the Coronavirus
related research on SSRN

Paper statistics

Downloads
20
Abstract Views
217
PlumX Metrics