Governments as Enforcers
Governments provide at least two different functions in their role as enforcers, in a cybersecurity context – regulators and law enforcement. Let’s quickly look at both functions.
Regulators
We just discussed governments as standards bodies. As we discussed, standards are important for government procurement purposes, but also for the broader markets. However, just because a standards body publishes some standards, doesn’t necessarily mean that private and public sector organizations will spend the time, effort, or budget to conform with those standards. Typically, there must be some sort of clear benefit or incentive for organizations to change the way they operate.
Sometimes, markets or industries are too slow to change by themselves and a “market failure” results. In cases like this, governments use the tools they have in their toolboxes; in the case of cybersecurity this includes regulation. Regulations typically implement...
