Cybersecurity carrots and sticks

IF 1.3 3区 社会学 Q3 BUSINESS
Janine Hiller, Kathryn Kisska-Schulze, Scott Shackelford
{"title":"Cybersecurity carrots and sticks","authors":"Janine Hiller,&nbsp;Kathryn Kisska-Schulze,&nbsp;Scott Shackelford","doi":"10.1111/ablj.12238","DOIUrl":null,"url":null,"abstract":"<p>In an unsustainable trend, each year is touted as the worst on record for data and system breaches. 2020's dubious top distinction was exceeded across numerous metrics in 2021, and 2022's numbers set another unwanted record. The growing epidemic of ransomware, data breaches, and cyber-enabled attacks pushes policymakers and business leaders to consider what can be done to reverse the cyber-insecurity spiral. Amidst the current cybersecurity landscape fraught with regulatory gaps, dependence on self-regulation, and resource constraints of small- and medium-sized businesses, policymakers should seize opportunities to reward reasonable cybersecurity postures and disincentivize underinvestment in cybersecurity best practices. Bold and coordinated actions are needed to dislodge the unsustainable trend of increasingly damaging cyberattacks, and to create a more holistically secure digital future. To move the needle toward a more robust cybersecurity ecosystem, this article proposes an incentive-based strategy that breaks the mandate-versus-self-regulation dichotomy, leveraging a carrots and sticks tax approach to spur stronger cybersecurity postures across the ecosystem. Such proposal outlines a framework for a Federal Cybersecurity Investment Tax Credit, tailored and mapped to select entity types, combined with a cyberinsecurity tax, thus promoting the principle that businesses have basic cybersecurity responsibilities and fundamental duties to operate securely in a digital society. In addition, this article introduces supplementary tools as part of an enhanced cybersecurity tax policy toolkit. Given pressing national and global cyber risks, this article continues a long-standing conversation about the operative use of tax policy as part of a holistic approach to reaching a secure and sustainable digital future.</p>","PeriodicalId":54186,"journal":{"name":"American Business Law Journal","volume":"61 1","pages":"5-29"},"PeriodicalIF":1.3000,"publicationDate":"2024-01-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1111/ablj.12238","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"American Business Law Journal","FirstCategoryId":"90","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1111/ablj.12238","RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"BUSINESS","Score":null,"Total":0}
引用次数: 0

Abstract

In an unsustainable trend, each year is touted as the worst on record for data and system breaches. 2020's dubious top distinction was exceeded across numerous metrics in 2021, and 2022's numbers set another unwanted record. The growing epidemic of ransomware, data breaches, and cyber-enabled attacks pushes policymakers and business leaders to consider what can be done to reverse the cyber-insecurity spiral. Amidst the current cybersecurity landscape fraught with regulatory gaps, dependence on self-regulation, and resource constraints of small- and medium-sized businesses, policymakers should seize opportunities to reward reasonable cybersecurity postures and disincentivize underinvestment in cybersecurity best practices. Bold and coordinated actions are needed to dislodge the unsustainable trend of increasingly damaging cyberattacks, and to create a more holistically secure digital future. To move the needle toward a more robust cybersecurity ecosystem, this article proposes an incentive-based strategy that breaks the mandate-versus-self-regulation dichotomy, leveraging a carrots and sticks tax approach to spur stronger cybersecurity postures across the ecosystem. Such proposal outlines a framework for a Federal Cybersecurity Investment Tax Credit, tailored and mapped to select entity types, combined with a cyberinsecurity tax, thus promoting the principle that businesses have basic cybersecurity responsibilities and fundamental duties to operate securely in a digital society. In addition, this article introduces supplementary tools as part of an enhanced cybersecurity tax policy toolkit. Given pressing national and global cyber risks, this article continues a long-standing conversation about the operative use of tax policy as part of a holistic approach to reaching a secure and sustainable digital future.

Abstract Image

网络安全胡萝卜加大棒
在一种难以为继的趋势下,每年都被吹捧为数据和系统泄露最严重的一年。2021 年的多项指标都超过了 2020 年的最高纪录,而 2022 年的数据又创下了另一项不受欢迎的纪录。勒索软件、数据泄露和网络攻击日益猖獗,促使政策制定者和企业领导者考虑如何扭转网络安全螺旋式上升的趋势。当前的网络安全形势充满监管漏洞、依赖自律以及中小型企业的资源限制,在这种情况下,政策制定者应抓住机遇,奖励合理的网络安全态势,抑制对网络安全最佳实践的投资不足。需要采取大胆而协调的行动,以摆脱破坏性日益增加的网络攻击这一不可持续的趋势,并创造一个更加全面安全的数字未来。为了推动建立一个更强大的网络安全生态系统,本文提出了一项基于激励的战略,打破授权与自律的二元对立,利用胡萝卜加大棒的税收方法来刺激整个生态系统采取更有力的网络安全姿态。该提案概述了联邦网络安全投资税收抵免框架,该框架针对特定实体类型量身定制,并与网络安全税相结合,从而促进企业在数字社会中安全运营的基本网络安全责任和基本义务原则。此外,本文还介绍了作为强化网络安全税收政策工具包一部分的补充工具。鉴于紧迫的国家和全球网络风险,本文将继续就税收政策的实际使用展开长期对话,将其作为实现安全、可持续的数字未来的整体方法的一部分。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
CiteScore
1.10
自引率
16.70%
发文量
17
期刊介绍: The ABLJ is a faculty-edited, double blind peer reviewed journal, continuously published since 1963. Our mission is to publish only top quality law review articles that make a scholarly contribution to all areas of law that impact business theory and practice. We search for those articles that articulate a novel research question and make a meaningful contribution directly relevant to scholars and practitioners of business law. The blind peer review process means legal scholars well-versed in the relevant specialty area have determined selected articles are original, thorough, important, and timely. Faculty editors assure the authors’ contribution to scholarship is evident. We aim to elevate legal scholarship and inform responsible business decisions.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信