Henry Young

Senior Director, Policy

Henry Young is Senior Director, Policy for BSA | The Software Alliance. Prior to joining BSA, Young was Senior Counsel and Senior Policy Advisor first to Secretary of Commerce Ross and then Secretary of Commerce Raimondo. In that role he was trusted to develop and oversee high-level policy and strategy for the U.S. Department of Commerce and its bureaus and collaborate with senior White House and interagency officials, to design, advocate, and implement critical policies and strategies that shape national and foreign policy related to technology including cybersecurity, 5G, and standards.

Posts by Henry Young

Welcome to the Cyber Harmonization Cafe

Dec 18, 2025 in Cybersecurity

With the release of the US National Cybersecurity Strategy expected soon, there is an opportunity for the federal government to advance regulatory harmonization through a single menu of cybersecurity requirements across government. Cybersecurity regulations are supposed to make us more secure. Instead, dozens of regulators across all sectors of the economy have promulgated their own … Read More >>

BSA Member CEOs Speak Out on Resilience Through Recovery

Oct 22, 2025 in Cybersecurity

In new CEO Perspectives videos shared with BSA, Cohesity CEO Sanjay Poonen and Veeam CEO Eswaran, both leaders in this space, offer their thoughts on cyber resilience. Read More >>

A Clearer Path to Cyber Resilience: Policy Priorities for the Administration

Mar 10, 2025 in Cybersecurity

The Business Software Alliance (BSA) identified a series of available executive actions the Trump Administration can take to improve cybersecurity at the outset of the new Administration. Read More >>

Harmonizing Cybersecurity Regulations Is a Win-Win

Jul 10, 2024 in Cloud Computing, Cybersecurity

Harmonizing cybersecurity requirements is an ideal issue for the US Government, like-minded allies, and industry to work together to achieve because it is a win-win-win. It’s time start singing from the same song sheet. Read More >>

“Best Practices” Improve Cybersecurity by Producing Results for Users, Not Policymakers

Jun 24, 2024 in Cybersecurity

Government officials, industry leaders, and advocates often appeal to “best practices” to guide policy or set requirements. But, too often, they use the term “best practices” imprecisely to cover a variety of meanings. That hurts effective policy, because “best practice” has a definition – and it is one that isn’t aligned with how policymakers frequently misuse it. Read More >>