Until we are able to abolish the cfaa, I have zero faith in our ability to legislate or regulate.
tl;Dr abolish the cfaa before any new restrictions on software development
To clarify, I know it would be inappropriate for direct federal regulation of the industry - it's too fast-moving and, like any guild (which is what it is, essentially) is subject to being politicised. I'm proposing something far simpler, such as: "if someone dies from software or SSNs get leaked, and the system was not signed-off by a state-licensed SE, then the company responsible is subject to extra damages for negligence" - and state-licensing should be under the purview of a non-profit board (with a bias towards governance from academia instead of industry). I think that would work.