‘[E]very speaker, every writer, every practitioner in the field of cyber security who has wished that its topic, and us with it, were taken seriously has gotten their wish…."[W]e" and the cyber security issue have never been more at the forefront of policy. And you ain't seen nothing yet.' - Dan Geer, "Cybersecurity as Realpolitik"
We still haven't. The regulatory and policy landscape around information security is expanding and shifting rapidly. Challenges faced by the community in this arena are many and multiplying. So too for policy-makers and regulators.
While the current climate may be exceptional, this is far from the first time information security has been the subject of policy debates, or the object of regulatory intervention. Over the past four decades, relations between government officials and security practitioners might reasonably have been expected to improve and mature … so why haven't they? And how should we handle the upcoming regulatory challenges that the industry will face?
This panel brings together over a century of experience to examine participation of the security research community in policy formation and regulatory affairs : what works, what doesn't, what's next, and what you can do to help.