Ex-CISA official Kolasky cites end to ‘purely voluntary’ cyber approach; attorney Brown sees accelerating shift to regulation

Former CISA senior official Bob Kolasky says more mandatory cyber requirements are coming for critical infrastructure operators, while prominent cybersecurity attorney Megan Brown warns that “the tide appears to be turning” away from a voluntary partnership model in federal cyber policy.

Kolasky wrote a piece on Jan. 13 for the risk managers association GARP on expectations for 2023 and regulatory requirements aimed at critical infrastructure operators.

“It has become clear that policymakers are not going to accept a purely...