The U.S. and Europe appear to follow different approaches in addressing issues related to cyber threats and cybersecurity, FCW’s Edwin Bentley reported Thursday, citing his observations at the recent Infosecurity Europe and FOSE conferences.
Bentley writes that while Europe seems to be reactive by reporting encountered threats to the government, the U.S. has been using a top-down approach wherein industry supports cyber directives issued by the government.
He highlighted the focus on continuous monitoring and automation at FOSE, particularly on how the Department of Homeland Security‘s Continuous Diagnostics and Mitigation program and the National Institute of Standards and Technology‘s Cybersecurity Framework seek to integrate security into business processes and guide industry on risk assessments.
Such a measure is expected to deliver ongoing protection and situational awareness and ease risk analysis and reporting despite leading to some concerns over compliance, Bentley reports.
Meanwhile, Bentley says Europe’s Network and Information Security directive and the U.K.’s Cyber Essentials Scheme are not sufficient to address the industry needs identified at Infosecurity Europe, such as threat mitigation and unifying compliance and security.
“Europe needs to continue to move in the right direction and could be inspired by the top-down approach to security in the U.S.,” concludes Bentley.