The Missing Compliance Framework in the 2015 U.S.-China Cybersecurity Agreement

November, 2015
IDA document: D-5648
FFRDC: Systems and Analyses Center
Type: Documents
Division: Information Technology and Systems Division
Mussington, Brian David A. See more authors
The 2015 US-PRC cyber agreement created expectations regarding changes in China’s cyber behavior in relation to the theft of commercial IP. Such changes need to be measurable, but the agreement itself lacks a verification mechanism. This paper outlines some requirements for such a mechanism, and offers an approach to evaluating one.