Open Access. Powered by Scholars. Published by Universities.®

Law Commons

Open Access. Powered by Scholars. Published by Universities.®

Computer Law

Data breach

University of Colorado Law School

Articles 1 - 1 of 1

Full-Text Articles in Law

That Was Close! Reward Reporting Of Cybersecurity “Near Misses”, Jonathan Bair, Steven M. Bellovin, Andrew Manley, Blake Reid, Adam Shostak Jan 2018

That Was Close! Reward Reporting Of Cybersecurity “Near Misses”, Jonathan Bair, Steven M. Bellovin, Andrew Manley, Blake Reid, Adam Shostak

Publications

Building, deploying, and maintaining systems with sufficient cybersecurity is challenging. Faster improvement would be valuable to society as a whole. Are we doing as much as we can to improve? We examine robust and long-standing systems for learning from near misses in aviation, and propose the creation of a Cyber Safety Reporting System (CSRS).

To support this argument, we examine the liability concerns which inhibit learning, including both civil and regulatory liability. We look to the way in which cybersecurity engineering and science is done today, and propose that a small amount of ‘policy entrepreneurship’ could have substantial positive impact. …