The world is more connected now than ever, with half the world’s population currently online.1 However, these online connections create risk, including large-scale data theft, privacy violations, phishing scams, ransomware, and malicious information operations that affect millions of people in the United States and around the world each year. In total, cybercrime will cost up to $6 trillion by 2021 – equivalent to nearly half of today’s US GDP. 2 In addition, these threats erode trust in the online environment, disrupt global commerce, and cause physical damage to critical infrastructure, ultimately putting lives at risk.
To address this reality, cybersecurity practices and tools must defend the integrity, privacy, and utility of the Internet ecosystem. BSA | The Software Alliance has released an agenda, “Security in the Connected Age,” to define elements that US cybersecurity policy should address. These include promoting a secure software ecosystem, creating a stronger government approach to cybersecurity, pursuing consensus for cybersecurity action, developing a 21stcentury cybersecurity workforce, and advancing cybersecurity through digital transformation.
“Cybersecurity policies should be rooted in the realities of today’s complex global digital economy,” said Victoria Espinel, President and CEO of BSA | The Software Alliance. “This agenda can play a key role in helping policymakers evaluate and prioritize legislation that will most effectively strengthen our cybersecurity.”
Turning this agenda into policy solutions will require close collaboration between the private and public sectors. BSA urges the US government to partner with industry to:
· Promote a secure software ecosystem by creating industry benchmarks, developing tools to understand critical information, and strengthening security research and vulnerability disclosure;
· Strengthen government’s approach to cybersecurity by modernizing government IT, harmonizing federal cybersecurity regulations, and incentivizing adoption of the National Institute of Standards and Technology’s framework;
· Pursue international consensus for cybersecurity action by supporting international standards development, as well as adopting and streamlining international security laws;
· Develop a 21st century cybersecurity workforce by increasing access to computer science education and opening new paths to cybersecurity careers; and
· Advance cybersecurity by embracing digital transformation, leveraging the potential of emerging technologies and forging innovative partnerships to combat emerging risks.