Publication

The paper addresses that the current legislative framework for cybersecurity in the United States. The complex federal role in cybersecurity involves both securing federal systems and assisting in protecting nonfederal systems. Under current law, all federal agencies have cybersecurity responsibilities relating to their own systems, and many have sector-specific responsibilities for critical infrastructure. The author argues that while revisions to most of those laws have been proposed over the past few years, no major cybersecurity legislation has been enacted since 2002.