The fact that the US government does not have a clear picture of cyber threats or how often public and private entities are affected needs to be fixed quickly, Paul Rosenzweig, senior fellow for cybersecurity at the R Street Institute, a conservative public-policy group, said during a session at the RSA Conference on the outstanding priorities from the Cyberspace Solarium Commission (CSC).
“It boggles my mind that 15 years into this cybersecurity crisis, we still don’t have an operating picture of how frequently and what sorts of what breaches occur in the United States,” he told attendees to the virtual session . “Without a comprehensive breach notification law, we will never get a sense of what is actually happening on the ground.”
