Coalition to Reduce Cyber Risk, Inc.
We aim to enhance cybersecurity and support economic growth by partnering across industry and with governments around the world to strengthen and align approaches to improving cybersecurity risk management.
The Challenge and Impact
Increasing cyber threats and media coverage of various events in cyberspace are causing everyone – consumers, enterprises, and governments – to focus greater attention on cybersecurity. As a result, governments are appropriately seeking to secure the essential cyber capabilities that underpin national security, economic security, and public safety. However, many of these efforts, if not to some degree synergized, risk undermining security, resulting in the opposite of the desired effect.
Cybersecurity Policy for Resilient Economies: A Global, Cross-Sector Approach
This white paper outlines the processes that are crucial to developing effective global and cross sectoral cybersecurity policies and approaches based on lessons the industry has learned over the last decade.
Four Essential Elements
of Cybersecurity Policy
Our experience shows that effective risk management approaches share four essential elements:
- Developed through an open, collaborative, and iterative process
- Consistent with globally-recognized standards and best practices
- Rooted in a risk-based perspective on appropriate controls and mitigations
- Focused on desired security outcomes and agility in implementation
to Global Cybersecurity
Our commitment to the improvement of global cybersecurity is anchored by:
- Support from C-level executives for cybersecurity activities in our enterprises
- Reliance on globally-recognized standards and best practices to secure our enterprises, products, and services
- Dynamic assessment of cybersecurity risks facing our enterprises and investments to protect our companies and customers
- Cybersecurity activities that go beyond compliance and reflect a holistic approach towards cyber resilience
Areas of Focus
Around the world, dozens of countries are developing or evolving cybersecurity guidelines, regulations, and standards that call for organizations from different sectors to implement cybersecurity policies, practices, or activities. As a group, we are tracking government efforts at different stages of maturity across every region, including Africa, the Americas, Asia, Europe, and the Middle East. We aim to engage relevant government stakeholders at fora.
Project Group A:
Project Group B:
Network and Information Security Directive implementation
Project Group C:
Project Group D:
Draft Cybersecurity Bill
Project Group E:
NIST Cybersecurity Framework
External: Advocacy Activities
Our members participate, both collectively and individually, in the development and implementation of cybersecurity policy though several activities, including:
Engagement in government processes that invite industry contributions, such as policy development workshops and sectoral coordination organizations
Collaboration with industry peers to address policy proposals and regulatory initiatives
Support for the development, refinement, and use of cybersecurity standards and best practices
Join Our Effort
How governments approach developing, evolving, and implementing cybersecurity guidelines, regulations, and standards will profoundly affect global security and economic development. As governments move forward, there is an opportunity for industry thought leaders to coordinate in providing expertise on existing best practices and working with appropriate officials to align government approaches. We invite you to join our effort, contributing to our development of materials, participating in our conversations with government stakeholders, and strengthening the future of our global technology ecosystem.