Cybersecurity is one of the more difficult and urgent issues of the day. It is an issue that touches almost every aspect of modern life. Recent years have seen major cybersecurity incidents affect national security, our political process, major government institutions, companies of every size throughout our economy, critical infrastructure, banking, consumer electronics, and, of course, consumers themselves. Examples of each of these feature so prominently in the news that they barely need citation: OPM, Sony, Target, concerns about the 2016 election, disclosure of NSA hacking tools, attacks on the banking sector’s SWIFT network, ransomware attacks against hospitals, DDoS attacks against the Internet’s Domain Name System using networks of hundreds of thousands (if not millions) of compromised consumer-owned, Internet-connected devices. This list could fill several pages—and that is with only well-publicized, high-profile incidents—the tip of the cybersecurity iceberg.
Most discussion about cybersecurity law and policy focuses on issues as they occur at a national or supra-national level. This is unsurprising: the nexus of issues that define cybersecurity have long fallen within the ambit of federal regulation and national security, and most sophisticated cybersecurity actors have long been those operating at the nation-state scale. But much of what happens in cybersecurity occurs at the subnational level. The targets of cybersecurity incidents are usually local actors, as are the first responders; state and local governments often face cybersecurity concerns equal to those of national-level government; much of current “cybersecurity law” exists at the state level; and most critical infrastructure is owned by firms operating within, and largely regulated by, individual states.
In March 2017, the University of Nebraska College of Law’s Space, Cyber, and Telecommunications Law Program, in conjunction with the Nebraska Law Review, convened a conference to discuss cybersecurity issues at the state, local, and regional level. The present volume of the Review includes a symposium comprising contributions from that conference’s participants.
Justin (Gus) Hurwitz,
State, Local, and Regional Issues in Cybersecurity: Symposium Introduction,
96 Neb. L. Rev. 247
Available at: http://digitalcommons.unl.edu/nlr/vol96/iss2/2