Regulating Information Security in the Government Contracting Industry: Will the Rising Tide Lift All the Boats?

By Bancroft, Keir X. | American University Law Review, May 1, 2013 | Go to article overview

Regulating Information Security in the Government Contracting Industry: Will the Rising Tide Lift All the Boats?


Bancroft, Keir X., American University Law Review


The government is strengthening cyber and information security regulations to address increasing cybersecurity risks. These regulations will affect government contractors in many ways; for instance, contractors must apply new technologies to monitor cybersecurity threats and develop stronger information security protections. This "rising tide" of regulation should lift"all boats," namely members of the government contracts sector. Some small business contractors or larger contractors without experience working with the government, however, may not be equipped to fully comply with these strengthened regulations. The government may as a result lose a number of would-be competitors for contracts requiring cyber and information security protections. Alternatively, some contractors lacking resources and experience may compete for the contracts anyway, which could serve to weaken the security of government information and information systems. This Article gives an overview of existing and new regulatory requirements and analyzes the difficulties some contractors may have complying with them. This Article also suggests ways to ensure all contractors can effectively comply with the regulations. Federal agencies can develop incentives, protections, or training requirements for contractors. Agencies can also develop opportunities for information sharing, which would help smaller or larger, inexperienced contractors get involved in contracts requiring cyber and information security in a manner that better ensures compliance and mitigates security risk. The government may also want to develop an iterative process of regulation, which would help ensure all contractors can keep pace with the increases in cyber and information security regulation.

INTRODUCTION

There is an oft-quoted aphorism that "a rising tide lifts all the boats."1 It has often been used to support a variety of economic policies. President Kennedy used the analogy to support federal investment in a dam project in Arkansas. The rationale for the investment was that the benefit to a section of Arkansas would bear benefits to the states in general.2 Thus, the resulting collective good-the "rising tide"-would benefit all individuals. In later years, President Reagan and other proponents of supply-side economics used the same phrase to support a philosophy that favorable economic conditions for business would spur economic growth, contribute to an overall stronger economy, and hence, benefit everyone.

In the context of cybersecurity regulation of the government contracting community, it appears the federal government is operating with the same philosophy. Steadily-though with varying degrees of speed-the federal government has raised standards for cyber and information security. Few would deny this is a positive trend.4 The risk of harm arising from cybersecurity breaches and the exposure of sensitive information warrants increased vigilance and protection.5 The means by which the federal government is mandating that protection, however, threatens to outpace the technology and resources available for subsets of the government contracting community, particularly small businesses. The regulations might also affect larger businesses just entering the government contracts industry or seeking work with new federal agencies; they may find that the cost of compliance outweighs the benefit of participating in the new market.6 In that sense, the rising tide arguably lifts some "boats," but only those equipped with the technology and resources necessary to brave the waves of cyberthreats. It is difficult to see how some "boats" lacking the technology and experience to implement new protections can rise with the regulatory tide. They may not have the technology required to ensure the necessary cyber and information security protections required under new regulation.7 Further, they may lack the experience necessary to ensure appropriate cyber and information security. In that respect, the rising tide does not promise to liftall boats. …

The rest of this article is only available to active members of Questia

Already a member? Log in now.

Notes for this article

Add a new note
If you are trying to select text to create highlights or citations, remember that you must now click or tap on the first word, and then click or tap on the last word.
One moment ...
Default project is now your active project.
Project items
Notes
Cite this article

Cited article

Style
Citations are available only to our active members.
Buy instant access to cite pages or passages in MLA 8, MLA 7, APA and Chicago citation styles.

(Einhorn, 1992, p. 25)

(Einhorn 25)

(Einhorn 25)

1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

Note: primary sources have slightly different requirements for citation. Please see these guidelines for more information.

Cited article

Regulating Information Security in the Government Contracting Industry: Will the Rising Tide Lift All the Boats?
Settings

Settings

Typeface
Text size Smaller Larger Reset View mode
Search within

Search within this article

Look up

Look up a word

  • Dictionary
  • Thesaurus
Please submit a word or phrase above.
Print this page

Print this page

Why can't I print more than one page at a time?

Help
Full screen
Items saved from this article
  • Highlights & Notes
  • Citations
Some of your highlights are legacy items.

Highlights saved before July 30, 2012 will not be displayed on their respective source pages.

You can easily re-create the highlights by opening the book page or article, selecting the text, and clicking “Highlight.”

matching results for page

    Questia reader help

    How to highlight and cite specific passages

    1. Click or tap the first word you want to select.
    2. Click or tap the last word you want to select, and you’ll see everything in between get selected.
    3. You’ll then get a menu of options like creating a highlight or a citation from that passage of text.

    OK, got it!

    Cited passage

    Style
    Citations are available only to our active members.
    Buy instant access to cite pages or passages in MLA 8, MLA 7, APA and Chicago citation styles.

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn, 1992, p. 25).

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn 25)

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn 25)

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences."1

    1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

    Cited passage

    Thanks for trying Questia!

    Please continue trying out our research tools, but please note, full functionality is available only to our active members.

    Your work will be lost once you leave this Web page.

    Buy instant access to save your work.

    Already a member? Log in now.

    Search by... Author
    Show... All Results Primary Sources Peer-reviewed

    Oops!

    An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.