Dave Frymier, chief information security officer at Unisys, believes a national infrastructure cybersecurity framework can be implemented by offering incentives or establishing mandatory standards, eWEEK reported Tuesday.
“This framework addresses more of an economic problem more than a technical one,” Frymier told the magazine.
Robert Lemos writes the National Institute of Standards and Technology issued final guidelines that are intended to help the private sector safeguard critical infrastructure data and networks.
Frymier believes that companies will work to boost cybersecurity investments if the government sets a baseline level through legislation or public discourse, according to the report.
“The marketplace will punish any company that implements anything that could be considered excessive security, because it will increase their costs,” Frymier added, according to the report.
“But if the government steps in and requires a minimum bar that everyone has to come up to, everyone incurs roughly the same costs and we get improved security as a result.”