Resilient Cyber S4E6: Matt Cronin - Cyber Law & National Cyber Strategy
Nikki: I saw you recently did a Cyber Jeopardy Panel at the American Bar Association about cybersecurity and cyber law - can you talk a little bit about the intersection of cybersecurity and law?
Chris: Continuing on that thread a little more, and you and I have chatted about this, what are some of the dichotomies or challenges of Cybersecurity in a democratic society versus say an authoritative regime or nation?
Chris: I know you have a background with the DoJ and U.S. Attorney's office, are there some challenges with say cyber investigations in the U.S. due to some of our protections for individual freedom, privacy and so on?
Nikki: It seems like we're seeing more and more organizations seeing the need for both mature cybersecurity programs and cyber law programs - but I haven't seen a ton of these groups working closely together. How can we build both programs in combination?
Chris: It seems like every day we are seeing headlines about catastrophic cyber incidents. Are there any historical parallels to what we are dealing with today? Do you think we’ll ever get out of it?
Nikki: What do you think major attacks like ransomware in healthcare and even in local and state governments and school are doing to shape cyber legislation?
Nikki: If you could give one message to the American people about how we will address this challenge, what would it be?
Chris: I would be remiss if I let you off the show without trying to dig into the forthcoming National Cyber Strategy with you. With the extent of what you're able to share, there's been a lot of buzz and rumors about an increased call for regulation, do you have any thoughts on that front?
Chris: Many have said that Cybersecurity is a market failure and that it will require government intervention and regulatory measures to change things and have cybersecurity be taken more seriously by businesses and organizations. How do we balance that need for truly addressing cybersecurity risk without at the same time stifling innovation and our free market society?
Nikki: Do you see more legislation potentially coming in the future around security governance and compliance?
Nikki: I'm very fascinated by cybersecurity and law terminology - do you think there's some room for us to find a common thread between both disciplines to help people like me understand law terminology and language better?