Document Type
Article
Publication
Colorado Technology Law Journal
Year
2018
Citation Information
Jonathan Bair, Steven M. Bellovin, Andrew Manley, Blake Reid, and Adam Shostak, That Was Close! Reward Reporting of Cybersecurity “Near Misses”, 16 Colo. Tech. L.J. 327 (2018), available at https://scholar.law.colorado.edu/faculty-articles/1189.
Abstract
Building, deploying, and maintaining systems with sufficient cybersecurity is challenging. Faster improvement would be valuable to society as a whole. Are we doing as much as we can to improve? We examine robust and long-standing systems for learning from near misses in aviation, and propose the creation of a Cyber Safety Reporting System (CSRS).
To support this argument, we examine the liability concerns which inhibit learning, including both civil and regulatory liability. We look to the way in which cybersecurity engineering and science is done today, and propose that a small amount of ‘policy entrepreneurship’ could have substantial positive impact. We close by considering how a CSRS should be organized and housed.
Copyright Statement
Copyright protected. Use of materials from this collection beyond the exceptions provided for in the Fair Use and Educational Use clauses of the U.S. Copyright Law may violate federal law. Permission to publish or reproduce is required.
Included in
Administrative Law Commons, Air and Space Law Commons, Computer Law Commons, Privacy Law Commons, Science and Technology Law Commons