The ABA's policy consists of five principles:
Beyond their stated goal of governmental guidance, the ABA's principles also form a useful roadmap for every organization, public and private, considering and implementing cybersecurity efforts. Further, even if an organization is not itself managing network security (for example, if it outsources its IT functions), the new guidelines will assist it in understanding and specifying the level of service it receives from the entity that is responsible for cybersecurity.
- Principle 1: Public–private frameworks are essential to successfully protect U.S. assets, infrastructure, and economic interests from cybersecurity attacks.
- Principle 2: Robust information sharing and collaboration between government agencies and private industry are necessary to manage global cyber risks.
- Principle 3: Legal and policy environments must be modernized to stay ahead of or, at a minimum, keep pace with technological advancements.
- Principle 4: Privacy and civil liberties must remain a priority when developing cybersecurity law and policy.
- Principle 5: Training, education, and workforce development of government and corporate senior leadership, technical operators, and lawyers require adequate investment and resourcing in cybersecurity to be successful.
The new policy is one of many recent initiatives by the ABA seeking to raise both the awareness and diligence of attorneys and lawmakers about technology's impact on law and legal ethics. While the ABA has no formal enforcement authority, its recommendations can be very influential on state and federal governments as well as courts.
No comments:
Post a Comment