A recent Indiana University study suggests creating a National Cybersecurity Safety Board to deal with data breaches.
Business law professor and author of the study Scott Shackelford says it would be similar to the National Transportation Safety Board investigation model. He says that model is applicable to cybersecurity.
“It’s not only formal investigators that dig into the details of why an airplane happened to crash, but they look into bigger issues like culture at manufacturers, at airlines,” says Shackelford. “We thought a similar approach would be really helpful for cybersecurity because typically, it’s not just one thing that’s at fault in big data breaches.”
Shackelford says a coalition of states could help create a code of conduct for breaches, which could eventually help decrease their occurrences.
“Ideally, we would be seeing less of these stories. We’d be getting fewer of these data breach notifications in the mail,” says Shackelford. “My one-year-old got one from Anthem in the mail the other day. This is less than ideal, right?”
Shackelford says the creation of a National Cybersecurity Board is unlikely in the near future, because there are few incentives for stakeholders.