top of page
CSAW24_Logo_WHITE.png
Cyber Policy Logo-Photoroom.png

Cyber Policy Competition
US-Canada

The rapid expansion of the digital ecosystem has resulted in software products becoming the backbone of modern societies. Yet, prevailing market trends often prioritize speed of deployment of new software over security. This leads vendors to hasten product releases, occasionally sidelining vital secure development standards. It’s concerning to observe the norm of software products being dispatched with default settings are insecure, poorly written code, and the incorporation of third-party software of ambiguous origins. This lackadaisical stance on security deepens when software manufacturers use their technical dominance and political lobbying to eschew responsibility. Consequently, the digital ecosystems systemic risk heightens, shifting the weight onto the unsuspecting end-users.

The imperative today is to hold software developers accountable for neglecting essential security measures, even as we acknowledge that no software can be completely invulnerable. While fostering innovation remains crucial, developers must also bear responsibility when they fail to prioritize the safety of their users.

The CSAW 2024 Cyber Policy Competition focuses on addressing the mentioned concerns, working towards developing policies for software product and service liability, and establishing best practices in secure software development.

Key areas to research in this cyber policy area include:


Software Security and Liability

  • Market Dynamics: Examine the present market dynamics which reward quick product launches and often disregard secure software development practices. ● Duty of Care: Discuss the responsibility of software developers and vendors towards their consumers, businesses, and critical infrastructure providers. ● Liability Shift: Propose methods to shift the liability from end-users to those who introduce vulnerable products.

  • Integrating Open-source Components: Discuss the responsibility and liability when integrating third-party software, especially open-source components.

Global Impact and Best Practices 

  • Global Standards: Delve into the possibility and implications of setting global standards for software liability and security.

  • Open-source in the Global Arena: Discuss the role, advantages, and challenges of open-source software in the global context, and its liability implications. 

competition timeline

25 October 2024
29 October 2024
6 November 2024 - 9 November 2024
Paper Submission Deadline
Finalist Notification
Competition Day
Timeline

Eligibility

The CSAW Cyber Policy Competition welcomes all students who have a passion for exploring the field of cyber policy. We encourage you to participate and share your insights with our judges. This is a fantastic opportunity to showcase skills and understanding.

Eligibility
Rules & Guidance

Rules & Guidance

​Competitors should structure their proposed policy solutions within one of the following key focus areas:


Focus Area 1: Software Security and Liability

  • How can the market be restructured to prioritize software security without stifling innovation? 

  • What constitutes a “reasonable precaution” in software security, and how can it be measured? 

  • How can legislation ensure liability doesn’t stifle small businesses and startups, ensuring they can compete with industry leaders?

Focus Area 2: Global Impact and Best Practices

  • How do different countries address software liability, and what can be learned from them? 

  • Is a global standard for software security feasible, and what would it look like?

  • How does the open-source software movement fit into this equation globally, and how can it be integrated securely? 

What Needs to be Covered?

  • Policy Proposal: Propose structured plans for policies that enforce liability for insecure software products.

  • Guidelines and Standards: Reference frameworks like the NIST Secure Software Development Framework for best practices.

  • Safe Harbor Framework: Discuss frameworks that may offer protection to companies that adhere to best practices.

  • Stakeholder Collaboration: Highlight the cooperative dynamics between the government, private sector, and open-source community.

Your innovative approaches, clear definitions, and the scope of policy is what we seek. Prioritize practicality and broad stakeholder implications in your policies. Reach out to the CSAW committee for queries.


Useful References

Submit Papers to the Google Form by October 25th, 2024.

Judging criteria

Judging Criteria

The Cyber Policy competition will prompt students to submit a maximum 500-word response to one of the two proposed focus areas. From these submissions, the CSAW committee will select the finalists.

Awards

Awards
  • First Place: $1000

  • Second Place: $750

  • Third Place: $500

bottom of page