Reorienting How the Private Sector and Government Defend Against Data Breaches presented at GlobalPrivacySummit 2019

by Michael Daniel, Leonard Bailey, Megan Stifel,

Summary : The panel will discuss how we can reorient the roles that the private sector and the government play to better enable collective defense against data breaches. Companies often understandably ask why they are largely left on their own to defend themselves against breaches perpetrated by nation-states and sophisticated criminal actors. That, they say, should be the government’s job. On the other hand, the government does not have the resources or capability to defend all private sector networks. Nor is it clear that we would want them to. For example, do we really want the NSA or FBI to have network monitoring devices distributed throughout private networks? The speakers will reflect on how we can better enable constructive engagement between the government and private sector to improve our management of privacy risk from data breaches and similar malicious cyber activity and whether our current policies unfairly "blame the victims."What you’ll take away:Clearer understanding of some of the operational, legal, and policy obstacles to better coordination between the government and the private sector in preventing and responding to data breachesIdeas and proposals for how the current roles of the private sector and government can be reoriented to enable more effective collective cyber defenses, particularly against nation-states and other sophisticated actorsDiscussion of whether our current legal and policy regime unfairly “blames the victims” and whether that undercuts our collective security