Applying green energy tax policies to improve cybersecurity
Applying green energy tax policies to improve cybersecurity
https://www.helpnetsecurity.com/2026/02/20/applying-cybersecurity-tax-policies/
Publish Date: 2026-02-20 01:30:00
Source Domain: www.helpnetsecurity.com
For years, governments have focused only on the stick of compliance when they could leverage the carrot of tax incentives. Theoretically, compliance fines and penalties should act as a deterrent that improves accountability and reduces data breaches. However, many vendors often assume compliance risk rather than securing data effectively.
For example, Meta has been the most penalized company, accounting for €2.5 billion in fines across parent and subsidiaries. These large, ubiquitous, irreplaceable technology companies are willing to accept the risk of paying fines and penalties because the amount is insignificant in comparison to their overarching financial portfolio. Meanwhile, average technology companies and startups often have limited cybersecurity budgets, creating data breach and compliance risks.
Tax policies similar to the ones that promote green energy investments can incentivize large technology companies to build security by design and default while bridging the financial gap for other vendors. When combined with digital trust labels across consumer and commercial technology products, these tax policies would motivate buyers, technology producers, and service providers to make choices focused on data protection.
Understanding the producer and buyer landscape
Regulatory compliance covers various technology companies, yet only targets corporate purchasing. However, remote work has entangled a company’s security practices with its employee’s cybersecurity hygiene. To improve overarching security, regulations must address the different types of technology producers and buyers.
The technology producers
Across this layer, technology companies fall into three general categories:
- Gatekeepers: A set of ubiquitous technology companies that buyers cannot easily swap for more secure solutions, like those defined in the European Union’s Digital Markets Act.
- Replaceable technologies: Technologies, like enterprise SaaS applications or…
