Incentivizing Companies to Manage Cyber Risks Better
The White House is developing a core of practices to develop capabilities to manage cybersecurity risk. This Cybersecurity Framework will be available in draft form in October and finalized in February 2014. At that time, officials will create the Voluntary Program to encourage critical infrastructure companies to adopt the framework. Until then, the government is looking at ways to incentivize companies to participate. Some recommended incentives can be adopted quickly while others will require legislative action and additional work. The White House is collaborating with appropriate agencies now to move forward and to prioritize incentive areas including cybersecurity insurance, grants, process preference, liability limitation, streamlined regulations, public recognition, rate recovery for price regulated industry and cybersecurity research. For more detailed information, visit the White House Blog.