Open Access. Powered by Scholars. Published by Universities.®

Law Commons

Open Access. Powered by Scholars. Published by Universities.®

Articles 1 - 3 of 3

Full-Text Articles in Law

Cybersecurity: What About U.S. Policy?, Lawrence J. Trautman Feb 2015

Cybersecurity: What About U.S. Policy?, Lawrence J. Trautman

Lawrence J. Trautman Sr.

During December 2014, just hours before the holiday recess, the U.S. Congress passed five major legislative proposals designed to enhance U.S. cybersecurity. Following signature by the President, these became the first cybersecurity laws to be enacted in over a decade, since passage of the Federal Information Security Management Act of 2002. My goal is to explore the unusually complex subject of cybersecurity policy in a highly readable manner. An analogy with the recent deadly and global Ebola epidemic is used to illustrate policy challenges, and hopefully will assist in transforming the technological language of cybersecurity into a more easily understandable …


Managing Cyberthreat, Lawrence J. Trautman Jan 2015

Managing Cyberthreat, Lawrence J. Trautman

Lawrence J. Trautman Sr.

Cyber security is an important strategic and governance issue. However, because most corporate CEOs and directors have no formal engineering or information technology training, it is understandable that their lack of actual cybersecurity knowledge is problematic. Particularly among smaller companies having limited resources, knowledge regarding what their enterprise should actually be doing about cybersecurity can’t be all that good. My goal in this article is to explore the unusually complex subject of cybersecurity in a highly readable manner. First, an examination of recent threats is provided. Next, governmental policy initiatives are discussed. Third, some basic tools that can be used …


Threats Escalate: Corporate Information Technology Governance Under Fire, Lawrence J. Trautman Jan 2012

Threats Escalate: Corporate Information Technology Governance Under Fire, Lawrence J. Trautman

Lawrence J. Trautman Sr.

In a previous publication The Board’s Responsibility for Information Technology Governance, (with Kara Altenbaumer-Price) we examined: The IT Governance Institute’s Executive Summary and Framework for Control Objectives for Information and Related Technology 4.1 (COBIT®); reviewed the Weill and Ross Corporate and Key Asset Governance Framework; and observed “that in a survey of audit executives and board members, 58 percent believed that their corporate employees had little to no understanding of how to assess risk.” We further described the new SEC rules on risk management; Congressional action on cyber security; legal basis for director’s duties and responsibilities relative to IT governance; …