During the Chamber of Commerce Cybersecurity Summit in Washington, D.C., Commerce Secretary Penny Pritzker explained that data breach enforcement action against companies will only make matters worse. Instead, Pritzker believes new legislation and steps designed to establish trust between industry and government will better help prevent cyber-attacks and data breaches. “We cannot regulate cyber risks out of existence, cybersecurity requires a new collaborative, active approach,” which requires a “joint defensive posture,” said Pritzker.
Pritzker is not alone, as business leaders have expressed fear that the regulatory agencies will use “industry developed voluntary standards to enforce against cyber vulnerabilities in the sectors they regulate,” according to a recent Inside Cybersecurity article. For example, the voluntary cybersecurity framework created by the National Institute of Standards and Technology (NIST), has become a standard set of guidelines across all industries. However, using the framework as a set of requirements through attaching liability will only further divide the public and private spheres.