
The Role of Regulation in Comprehensive Cybersecurity

HackerOne's Ilona Cohen on Why Critical Infrastructure Needs More Regulatory Focus
Ilona Cohen, chief legal and policy officer, HackerOne

While most organizations were responsible for their own cybersecurity for several decades, and compliance was mostly voluntary, rising attacks and risks have forced governments to consider regulation to prevent the real-world fallout from cyber incidents. But how much regulation is too much, and how much is too little?


Additional cyber regulation, especially in areas of critical infrastructure, is necessary, said Ilona Cohen, chief legal and policy officer, HackerOne.

"Outages in critical infrastructure are rare, but when they do happen, they have the potential to impact many Americans," she said. "In the Colonial Pipeline incident in 2021, cybercriminals wreaked havoc on an entire region of the country, leading to the president calling for an emergency declaration. So it's really important to make sure that there's a baseline in certain areas of critical infrastructure - like transportation, communication, water, healthcare - that could have a potential impact on millions of Americans."

In this video interview sponsored by CyberEdBoard and recorded at RSA Conference 2023, Cohen also discusses:

  • The cyber preparedness of critical infrastructure companies;
  • The impact of upcoming government cyber strategies;
  • Government-led vulnerability disclosure programs.

Cohen manages the public policy portfolio, oversees legal matters and provides strategic leadership to HackerOne. She joined the tech industry after serving four years at the White House during the Obama administration, where she was part of the group responsible for the development of a long-term strategy to enhance cybersecurity awareness.


CyberEdBoard is ISMG's premier members-only community of senior-most executives and thought leaders in the fields of security, risk, privacy and IT. CyberEdBoard provides executives with a powerful, peer-driven collaborative ecosystem, private meetings and a library of resources to address complex challenges shared by thousands of CISOs and senior security leaders located in 65 different countries worldwide.



About the Author

Information Security Media Group

Information Security Media Group (ISMG) is the world's largest media company devoted to information security and risk management. Each of its 37 media sites provides relevant education, research and news that is specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud. Its yearly global summit series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges.



