Governance & Risk Management , Information Sharing , Standards, Regulations & Compliance

Durbin on Government's Role in Cybersecurity

ISF Director Says More Collaboration, Less Regulation Needed

Cyberattacks have gained regulatory attention worldwide. But the world doesn't need more regulation to address new threats, says Steve Durbin of the Information Security Forum. Instead, government must work more closely with the private sector.

See Also: Critical Condition: How Qilin Ransomware Endangers Healthcare

Durbin, managing director of the ISF, says government and the private sector must evaluate how to address cyber threats from an approach that doesn't just focus just on regulatory compliance, but also on the notion of business resilience.

"I'm a fan of government providing broad-based frameworks," Durbin says in this video interview conducted at Information Security Media Group's recent Washington Fraud and Breach Prevention Summit. "I think we do need regulation, of course. We always need legislation in this [cybersecurity] area. But government for me needs to do a better job of working collaboratively with business, with the private sector, to understand some of the implications of what they're doing."

As an example of how government decisions can adversely business, Durbin points to the European Court of Justice's declaration in October 2015 that the European Commission's safe harbor provisions for breach disclosure are invalid.

"Safe harbor was taken away, almost overnight for a lot of businesses," he says. "From a business perspective, it went [away] overnight. That left a gaping hole. We shouldn't have those types of situations."

In this interview, Durbin also discusses:

  • Why the NIST framework works as a pragmatic approach;
  • Budgetary constraints plaguing cybersecurity investments; and
  • Why organizations struggle to find qualified cybersecurity professionals.

At the Information Security Forum, Durbin's main areas of focus include the emerging security threat landscape, cybersecurity, mobile security, the cloud and social media across both the corporate and personal environments. Previously, he was a senior vice president at the consultancy Gartner.


About the Author

Tracy Kitten

Tracy Kitten

Former Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

Kitten was director of global events content and an executive editor at ISMG. A veteran journalist with more than 20 years of experience, she covered the financial sector for over 10 years. Before joining Information Security Media Group in 2010, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.