Lemons and Liability: Cyber Warranties as an Experiment in Software Regulation

The US National Cybersecurity Strategy seeks to assign responsibility for securing systems to the "most capable actors", which involves making software vendors liable for security failures. To help inform policy-makers, we will present a case-study in which private actors voluntarily accepted liability for security failures.

Since 2014, various security vendors announced cyber warranties that promise to pay-out to customers if the vendor's product fails to prevent a security incident....

By: Daniel Woods

Full Abstract and Presentation Materials: https://www.blackhat.com/us-23/briefings/schedule/#lemons-and-liability-cyber-warranties-as-an-experiment-in-software-regulation-32104

case case-study cyber cybersecurity cybersecurity strategy failures liability making national national cybersecurity national cybersecurity strategy policy private regulation responsibility security software software vendors strategy study systems vendors