Blackbeard may not be the first name that comes to mind when considering cybercrime, but prior international efforts to stop stateless rogue actors can point us toward the proper focus for cybersecurity—governments taking responsibility to solve a classic collective action problem by direct action, supporting existing industry defense measures, and leading multilateral cooperation efforts. This strategy stands in stark contrast to the SEC’s proposed cybersecurity approach: name and shame public companies that, after suffering a data breach, would be forced to issue public statements to shareholders before they have closed the exploited vulnerability or fully assessed the situation. Our hope is that the fight against maritime piracy can point to a better way to address online pirates.

Click here to read our article for New York Law Journal in which we discuss how governments can take a coordinated approach to combatting data breaches and ransomware attacks.