Article 69DEA Biden administration wants to hold companies liable for bad cybersecurity

Biden administration wants to hold companies liable for bad cybersecurity

by
Dan Goodin
from Ars Technica - All content on (#69DEA)
white-house-800x547.jpg

Enlarge (credit: Getty Images)

The Biden administration on Thursday pushed for new mandatory regulations and liabilities to be imposed on software makers and service providers in an attempt to shift the burden of defending US cyberspace away from small organizations and individuals.

"The most capable and best-positioned actors in cyberspace must be better stewards of the digital ecosystem," administration officials wrote in a highly anticipated updated National Cybersecurity Strategy document. Today, end users bear too great a burden for mitigating cyber risks. Individuals, small businesses, state and local governments, and infrastructure operators have limited resources and competing priorities, yet these actors' choices can have a significant impact on our national cybersecurity."

Increasing regulations and liabilities

The 39-page document cited recent ransomware attacks that have disrupted hospitals, schools, government services, pipeline operations, and other critical infrastructure and essential services. One of the most visible such attacks occurred in 2021 with a ransomware attack on the Colonial Pipeline, which delivers gasoline and jet fuel to much of the Southeastern US. The attack shut down the vast pipeline for several days, prompting fuel shortages in some states.

Read 15 remaining paragraphs | Comments

External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments