Mar. 14, 2022
March 14, 2022 Public Comment on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Cybersecurity is national security. The consequences of a data breach or other such exploit far outweigh the consequences that would apply to any one company. This deference to public companies to ensure the domestic tranquility of the American people is a lark. There should be severe consequences for a company for merely under-allocating resources to cybersecurity. We should also not solely rely on them as the arbiters of truth with regards to validity of cybersecurity concerns. And we should not wait until it is too late to do anything about it to find out. It is the responsibility of the government of, by and for the People to ensure our safety in cyberspace. Further, the government needs to do more to adapt to emerging threats. Major ones that come to mind at the moment include the epidemic of spam/scam calls and texts that Americans have been receiving and suspicious actors on social media. Telecomm. companies have yet to see any penalties for failing to make sure customers are protected and yet their stocks continue to go up with these reports being common knowledge and in the news constantly. Also social media companies have been known to host scammers with growing impunity. This cannot stand in an open and free society and is simply not sustainable long-term as a democracy. Jean-Paul Tres