Over the past decade, through advancements in cloud, digital transformations, and COVID, all types of businesses now grapple with significant cyber risk. While ten years ago industry as a whole was resistant to regulation, today marks a sea change. Industry as whole stands ready for cyber regulations, looking for the standards that have helped heavily regulated sectors like finance invest in security and privacy.
Rob Knake, White House Principal Deputy National Cyber Director (Acting) told the Advanced Cyber Security Center (ACSC) audience that industry specific regulation is coming and it will aim to drive those standards and investments that have proven necessary and beneficial in the financial sector.
Knake provided the keynote remarks at “Cyber Governance and Risk: Getting Ahead of the Regulators,” a practice-sharing collaboration between CISOs, risk officers, and legal counsels, hosted by the ACSC at Foley Hoag in Boston on March 30. The event placed an emphasis on how cybersecurity teams can best support senior management and boards.
“The ACSC is a model for bringing the private and public sectors together,” Knake said. “This is a model that we’ve been trying to get other organizations to build – a model for government partnership.”
Knake focused his remarks on what’s coming and what has changed, emphasizing the following points:
There is a right way and a wrong way to achieve desired regulatory outcomes. We want a cooperative effort with industry and government as we look at sectors with big gaps.
Must ensure that regulations can be paid for. We need a model that works for all sectors to ensure that investments can be made.
There is a need for regulatory harmonization – both in the United States and globally. As an industry we are spending too much on proving compliance – not necessarily security.
The need to set baseline standards across industries for critical infrastructure is a major shift from past approaches. While this shift isn’t a surprise, it’s one that will require a shift in outlook and strategy both internally and externally for many organizations, most notably from the top down.
Want to learn more? You can be a part of these important discussion too! Contact Jim Dinneen at jdinneed@acscenter.org to learn how your organization can become a member.