The program's success is built on the fact that it gives companies a legal safe harbor to share information about cyber threats with the government, even if that information might suggest their own security was lacking. The new proposal to remove those protections, if a company's own policies were violated, would essentially remove that safe harbor. Such as "user agreements" etc... There are fears this would make companies reluctant to share any information at all, which would then create a major "cyber blind spot" and weaken the nation's overall defenses. It will come down to what is cheaper not reporting because you don't want to fix your policies, or fix the problem to begin with... it almost sounds like the qualified immunity argument for the police... #privacy #cyber #cybersecurity #randpaul https://lnkd.in/g-zeVmKb
With over 15 years of experience in cybersecurity & risk management, I specialize in the NIST framework, including CMMC. I deliver on time results and solve problems.
2dTotally agree!! But hey why would he care about our national security… it’s all good. Most of our cybersecurity has been lacking for last 20 years anyway.