In the wake of a series of destabilizing and damaging cyber attacks, there has been a growing call for the U.S. government to establish an analogue of the National Transportation Safety Board (NTSB) to investigate cyber attacks. As we recently argued in a letter to the Wall Street Journal, we think that it is past time for such a move. The SolarWinds hack, for example, highlights many vulnerabilities that have gone unaddressed for too long. First, it shows that the nation’s approach to supply-chain cybersecurity is notoriously inadequate. Second, it demonstrates that a go-it-alone strategy for cybersecurity risk management is doomed to failure. Cybersecurity firm FireEye ’s coming forward helped ring the alarm that U.S. early-warning sensors reportedly missed. Third, it highlights the extent to which our nation’s critical infrastructure remains vulnerable, despite decades of efforts aimed at improving our defenses….
In short, we will make the case that it is time for Congress to create a cybersecurity safety board to investigate breaches to find out why they happened and how to prevent them from happening again…
By: Scott Shackelford & Christopher Hart
Full Abstract & Presentation Materials: