Cisco : A Modern Approach to Cybersecurity & Privacy in the U.S.-Mexico-Canada Agreement
October 12, 2018 at 03:13 pm EDT
Share
As was noted in a companion blog by my colleague Jen Sanford, the new U.S.-Mexico-Canada-Agreement (USMCA) covers a wide range of trade issues between these nations. We are particularly excited for the provisions around cybersecurity which address what our customers and the industry have been saying for a while: that regulatory and compliance-driven security doesn't work. Along those lines, the Digital Trade Chapter of USMCA calls for risk-based cybersecurity mechanisms over prescriptive regulations. While not mentioning the document by name, the USMCA agreement actually calls out the five core functions in the NIST Framework-identify, protect, detect, respond, recover.
This result demonstrates all three governments share a common vision and commitment to effective cyber-risk management. Our three nations are connected in many ways physically via our roads, railways, and energy distribution systems. Those critical systems, in turn, increasingly leverage information technology underscoring the importance of developing a harmonized approach to cybersecurity. Therefore, a coordinated approach to cyber risk management-using a common set of tools-makes tremendous sense.
The inclusion of these new digital trade provisions will also facilitate the development of a unified market for cybersecurity products and services. Developers of these technologies can be confident that they will have access to selling into all three countries. Buyers of these technologies will in turn have greater certainty about how to map their capabilities to a commonly used approach to cyber risk management.
USMCA also establishes a series of important protections against non-tariff trade barriers around digital services. These include: 1) ensuring that data can flow freely within the trade bloc; 2) restricting the use of data storage or processing localization requirements; advancing the development of interoperable data protection mechanisms-specifically referencing the APEC Cross Border Privacy Rules under which Cisco is certified; and 4) limiting government demands source code for technology as a precondition for sale.
Cisco looks forward to to working with the three governments to turn the USMCA's commitments around cybersecurity, privacy, and more into action once it is implemented.
Attachments
Original document
Permalink
Disclaimer
Cisco Systems Inc. published this content on 12 October 2018 and is solely responsible for the information contained herein. Distributed by Public, unedited and unaltered, on 12 October 2018 19:12:00 UTC
Cisco Systems, Inc. is the world leader in designing, developing, and marketing Internet network equipment. Net sales break down by family of products and services as follows:
- network equipment (68.9%); switches and routers, technological software and systems (storage, Internet access, and security systems, wiring, gateways, connection interfaces and modules, etc.), etc.;
- services (24.3%): technical assistance, network design, execution, and integration services, etc.;
- security products (6.8%).
Net sales are distributed geographically as follows: Americas (58.7%), Europe/Middle East/Africa (26.6%) and Asia/Pacific (14.7%).