The opportunity to harmonize cybersecurity policy is in focus this week after the United States Department of Homeland Security (DHS) and the European Commission announced an initiative to collaborate on aligning cyber incident reporting requirements.
This high-level effort, driven by Robert Silvers, Under Secretary of Strategy, Policy, and Plans at the DHS, and Roberto Viola, Director-General of DG Connect at the European Commission, is a major opportunity to harmonize important elements of the cybersecurity ecosystem between transatlantic economies.
BSA Identified Harmonization as Imperative
This work aligns with and reflects priorities outlined in BSA | The Software Alliance’s “2024 Global Cyber Agenda,” which emphasizes the benefits of harmonization within and between governments. Harmonization is a priority for BSA because, through harmonized laws and policies built upon internationally recognized standards and best practices, we can improve the security of the entire digital ecosystem.
Why Harmonization Matters
Harmonization presents a compelling opportunity because it elevates cybersecurity for all. Harmonized laws and policies within a government facilitate coordination among agencies.
Due to the lack of harmonization on incident reporting within the US — and the negative consequences that resulted — Congress created the Cyber Incident Reporting Council through the Critical Infrastructure Act.
This helped yield the DHS report, “Harmonization of Cyber Incident Reporting to the Federal Government,” which identified more than 50 proposed or effective cyber incident reporting requirements within the US government alone and recommended ways to harmonize them.
Harmonizing laws and policies also helps governments internationally because it facilitates coordination, strengthens international partnerships, and promotes innovation and trade. The announcement from the DHS and European Commission references a joint report, which identifies six areas for comparison, including definitions, thresholds, timelines, and substantive contents of reports.
How Harmonization Benefits Cybersecurity
Harmonization promotes a more secure digital ecosystem — a goal shared by governments and industry — by providing companies with confidence that their investments in research and development into better security solutions will meet governments’ requirements and ultimately reach the marketplace.
Harmonizing laws and policies also helps businesses by creating a level playing field on which they can compete. Rather than expending company resources on compliance with hundreds of laws — spending that neither improves the security of the product nor the experience of the customer — companies can instead invest in improving the security and functionality of their products and services.
Finally, harmonizing laws and policies enables citizens and customers to access best-of-breed products and services. A consistent set of certification and reporting requirements lowers barriers to entry, which helps new and small businesses offer more innovative products and services that meet the needs of government agencies and the citizens they serve, as well as businesses and their customers.
Better Outcomes for Governments, Businesses, and Consumers
It is more important and valuable than ever to have international cooperation on cybersecurity. Harmonization can deliver better outcomes for governments, businesses, citizens, and customers, while ushering in a more secure and resilient future.
