Discussion on National/International cybersecurity frameworks

16 Mar

It is always enlightening to read contradicting viewpoints that are substantiated with good reasoning and ample evidences. Read this article by Prescott Winter and this related article by Alec Muffett. Can we ever have cybersecurity frameworks and/or laws that cut across national boundaries? Or, should we, in the first place?

I am personally more inclined towards Alec’s thoughts. Right from 1969, Internet has been more de facto than de jure. It is good to have standards, policies and processes drive the expectations (say, something like ISO 27001) and various roles in a delivery process adhere to the rights and responsibilities on data handling. That adherence can always  be strengthened with liability regulations of the land. That works much better than International cybersecurity laws.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.