Is multiple choice the right way to go on cybersecurity standards?

“Some of NIST’s rules are becoming more flowy,” says Paul Rosenzweig, a senior fellow at the R Street Institute and a law professor at George Washington University. “Smaller banks and other financial institutions that don’t have the resources have been slower on the uptake.”

Rosenzweig said cyber rules can serve as a baseline standard. “Regulation is the tide that lifts all boats, especially the laggards relying on everyone else’s security.”

But he added that merely requiring banks to check boxes with more regulation has its limits. For one thing, he noted, the industry still lacks a definitive way to grade a company’s commitment to cybersecurity beyond its IT budget.

“You can point at how much you’re spending on security and count how many boxes you fill on a security checklist, but there’s no equivalent of a FICO score for cybersecurity,” he said.

Featured Publications

Analysis Coal, Energy and Environment, Energy Regulatory Reform, Environmental Regulation, Federal Government Affairs, Fossil Fuels

Market Gateways, Not the EPA, Determine Power Sector Decarbonization

Devin Hartman April 25, 2024

Op-Eds Criminal Justice and Civil Liberties, Policing

A Modest Proposal for Police Reform

Steven Greenhut April 24, 2024 The American Spectator

In the News Budget and Spending Reform, Federal Government Affairs, Finance and Trade, Governance, Pensions

Radio: Can we Save Social Security in Time Before it Runs Out?

Chris McIsaac April 24, 2024 Inside Sources with Boyd Matheson

Analysis Artificial Intelligence, Technology and Innovation

Artificial Intelligence Legislative Outlook: Spring 2024 Update

Adam Thierer April 24, 2024

In the News Artificial Intelligence, Cybersecurity Policy, Data Security and Data Privacy, Federal Government Affairs, Technology and Innovation

Software group cites concerns as stakeholders weigh in on revamped privacy bill

Brandon Pugh April 23, 2024 Inside AI Policy

Analysis Criminal Justice and Civil Liberties, Federal Government Affairs, Juvenile Justice, Pretrial

Spotlight on Criminal Justice: Observing National Child Abuse Prevention Month – April

Christi M. Smith April 23, 2024

Real Solutions Artificial Intelligence, Cybersecurity, Cybersecurity Policy, Federal Government Affairs, Technology and Innovation

Future of AI Innovation Act Improves Responsible AI Innovation in Federal Government and Private Sectors

Amy Chang, Haiman Wong April 23, 2024

Real Solutions Budget and Spending Reform, Federal Government Affairs, Finance and Trade, Governance, Pensions

Social Security is going to run out. State pension reform can provide a lesson on how to save it.

Ann Phelan April 23, 2024

Analysis Harm Reduction, Sexual Health

HPV Vaccination: A Sexual Health Harm Reduction Success Story

Chelsea Boyd April 22, 2024

Op-Eds Federal Government Affairs, Patent, Technology and Innovation

The patent absurdity of pharmaceutical prices

Marc Hyden April 22, 2024 The Newnan Times-Herald