Addressing concerns over the legislation, Bronk said the most worrisome is the mistaken belief that the cybersecurity legislation is anti-business or simply meddlesome federal regulation. “The Internet and the network of networks that make up our national infrastructure are enormously complex creations that combine both government and commercial resources to serve the public interest,” Bronk said. “While the U.S. has gone to great lengths to provide a common defense, the model for defending cyberspace depends on far more than the resources of the federal government. In regards to cybersecurity, government, the private sector and the public will be equally necessary in raising our level of common security.”

Pridgen agreed. “This law is a remarkable step forward in terms of information security, because it was crafted with the intent to address the security complacency of software vendors and their consumers. The law helps stir the pot and make organizations, especially those that have not been on the ‘front-lines’ of the network, think seriously about implementing secure software, and it helps provide a large degree of confidence in how secure the software is with measurable metrics.”