Should there be federal ordinances in place for cybersecurity threats where the affected organization is billed for the shutdown?
But if we accept that level of government interference, we quickly reach the point where they can say, “We think that you haven't patched your systems in a while. You're at a risk so we're going to take your company down.” It's a super slippery slope. An ordinance follows policy and law; the FBI action that happened in April was a judge’s subpoena. I would be surprised if they had coordinated with private sector cybersecurity leaders on any of it.
Broadly, no.
There are additional rules around trade, privacy, etc that make sense that could apply here, as well as ones in regulated industries.
Does the fire department bill people who should have been more careful with kitchen fires?
No insurance coverage to obese patients?
Police department not show up to those who didn’t have good locks?
When you frame it that way, it does sound more plausible that this could happen. Policies do each of those things in some cases, mostly by racist design, but otherwise simply for profit.
Private fire departments (before municipalities had public fire depts) definitely charged homeowners and businesses to put out their fires.
This article from ABC News in 2010 documented a trend to begin to charge and bill for firefighting service in some locations:
https://abcnews.go.com/Business/fire-department-bills-basic-services-horrify-residents-insurance/story?id=9736696
Also, from Wikipedia, the free encyclopedia:
Jump to navigation
Jump to search
"In the United States, an emergency response fee, also known as fire department charge, fire department service charge, accident response fee,[1][2] accident fee,[3] Traffic Infraction Accident Fee,[4] ambulance fee,[5] etc., and pejoratively as a crash tax[6] is a fee for emergency services such as firefighting, emergency medical services, environmental response, etc., performed by a local fire department, EMTs, police department, etc., at the scene of a structure fire, wildfire, traffic collision, or other emergency, billed afterward to the surviving property owner or owner(s), operator(s) of the vehicle(s) involved, and/or their insurance companies."
"Many states and localities have approved these fees. Many states and localities prohibit these fees.[7]"
"Some fire departments charge small and large fees for firefighting.[8] Some bill the survivors, some bill the insurance companies of the survivors.[9]"
"Some fire departments charge an advance fire subscription fee for fire protection. They often do not fight fires that are not covered, refusing offers of back payment.[10][11]"
"The fees are controversial, with multiple arguments for and against.[12"
[ https://en.wikipedia.org/wiki/Emergency_response_fee ]
Content you might like
Yes56%
No29%
Unsure14%
Patch management: to reduce attack surface and avoid system misconfigurations39%
Malware and ransomware prevention: to protect endpoints from social engineering attacks58%
Malware and fileless malware detection and response: to protect against malicious software49%
Threat Hunting: to detect unknown threats that are acting or dormant in your environment and have bypassed the security controls33%
Not planning to change endpoint security strategy10%