Slashdot Mirror

← Back to Stories (view on slashdot.org)

Network Webcurity Wishlist?

Posted by Cliff on from the bending-the-governments-ear dept.

breillysf asks: "I am a California-based network security attorney who has been asked by a senior US Senator to compile a list of the most important legal concerns facing network security administrators. He has a good feel for the government security issues (and lack there of), but he is concerned about what is going on in the front lines in the private sector. I thought the Slashdot crowd would have the best feel on the pulse of the current situation. Specifically, if you could ask Congress for help in the area of network and information security, what would you ask for? Or would you tell them to get out of the way?"

"For example, I tried to push for tax incentives for upgrades in network security measures, but the Senator replied that is dead in the water because we are now spending into a deficit. He would rather see insurance companies reward firms with lower premiums for enhanced security. But there are International legal issues, compliance issues, privacy complications, potential negligence liability exposure, lack of federal incident response, FOIA and anti-trust issues with info sharing, conflicting state and federal cybercrime and privacy laws, USA Patriot Act concerns, etc."

3 of 512 comments (clear)

  1. Webcurity? by joshv · · Score: 0, Redundant

    What kind of word is that? Webcurity...

    What next? Homelandcurity?

    -josh

  2. Don't Attempt to Regulate by Bob(TM) · · Score: 4, Redundant

    Congress doesn't regulate whether individuals or corporations lock their doors, install security alarms, or any of a plethora of physical security measures. Then, why would I want them to step into the fray and regulate security responses and policies in cyberspace?

    To begin with, the government doesn't move fast. Given that time scales associated with the IT was becoming smaller and smaller, the iterrations would go through many cycles before Congress knows what hit them. Attempting to regulate the arena would get in the way.

    Secondly, Congress obfuscates rather than clarrifies. Look at the DMCA - which causes more problems for the industry than it solves. It's great for the conventional copyright holder but has the effect of stiffling digital advances. Congress moving to mandate information security policies or measures would be the same thing - the paradym they are working under doesn't apply well to this technology or the time scales under which it operates.

    Let the industry that's used to the pace of things set the policies. Congress is better suited to time scales where change occurs in years, not days.

    --

    The little guy just ain't getting it, is he?
  3. Re:Holding Companies Liable by posmon · · Score: 0, Redundant

    eh up! this is america in the 21st century. you can sue for anything!

    --

    update comments set karma=-1, reason='offtopic' where sid=26315