This is the abstract for the author's CCP, which examines the role of government in promoting cybersecurity in the private sector, with a focus on threats that affect parties other than the owners or operators of infected or vulnerable machines. Mr. Aaron describes threats such as peer-to-peer botnets, botnets of internet-connected devices, critically vulnerable consumer devices, and unpatched machines in environments such as hospitals and industrial control systems. Mr. Aaron draws on principles of law and economics to argue that where the failure to patch or remediate systems is due to misaligned incentives or externalized costs and leaves in place vulnerabilities or malware that can have a broad impact on society, there is cause for government intervention. While acknowledging the roles of regulation and ex post litigation, Mr. Aaron proposes enhancing case-by-case preventive litigation building on the botnet disruption model. Mr. Aaron suggests new applications of existing law and discusses what additional legal authority could provide in terms of scope, effectiveness, accountability, and transparency. Mr. Aaron is developing this CCP into a publishable article.
All rights reserved. Collection is open for research.
Citation
Aaron, David,
"The Legal and Policy Landscape and Way Forward for Security Researchers (Abstract)"
(2018).
Master of Science in Cybersecurity.
Brown Digital Repository. Brown University Library.
https://doi.org/10.26300/qk1f-3v59
Brown's Master of Science (ScM) in Cybersecurity is a program for professionals designed to cultivate high-demand, industry executives with the unique and critical ability to devise and execute integrated, comprehensive cybersecurity strategies. Students gain immediately applicable knowledge and, through an …
