Most startups are small and known for being nimble, with only a few people needing to agree on a change in direction.
Meanwhile, large organizations struggle to be nimble, but it often takes "an act of Congress" to get major changes approved. Too many layers, too many motivations, too many legal reviews.
And that, it seems, is the problem in Congress when it comes to privacy and cybersecurity.
And a member of U.S. Congress just revealed the size of the problem.
"Rep. Jim Langevin, D-R.I., on Tuesday argued the current congressional committee structure hinders lawmakers’ ability to bolster the country’s cyber posture. Because some 80 groups claim some jurisdiction over cybersecurity, he said, it can take cyber legislation a disproportionately long time to get put to a vote. "
Do you notice he did not say 80 people? No, he said 80 groups have cyber jurisdiction. Odds are very low they could even reach a consensus on what's for dinner.
No wonder that calls to regulate Facebook and calls for a national privacy or breach notification law have gone unanswered.
We hear about the need for this every year at SecureWorld regional cybersecurity conferences, because it is complicated to keep up with the growing patchwork of state legislation in these areas.