A Need for Greater Cybersecurity
otterit writes "A story in the Washington Post discusses how chief executives of U.S. corporations and their boards of directors should assume direct responsibility for securing their computer networks from worms, viruses and other attacks, an industry task force working with the federal government said."
Corporations announce they should be responsible for securing their own networks.
(as opposed to relying on magical network security elves that secure your network while you sleep and provide freshly made footware in the morning)
Yea, but how will we post on slashdot then?
Think about the slashdot. Think!
When you make demands like this, the next thing you know, you'll try to make them directly responsible for their corporate financial statements.
[You have a stable society when some nut guns down a schoolyard and the law doesn't change.]
I know of one large government agency that recently had to turn off all linux machines. Why? There was no anti-virus software installed on them, and the "security czar" required such software on all servers.
If worms, viruses and other attacks can alter or remove financial accounting data, then the execs currently are accountable thanks to Sarbanes Oxley 404. This legislation creates work like Y2k did. If you haven't been impacted by it at your job yet, start reading up now.
Isn't it about time to really assess whether it is absolutely necessary to provide every employee with their own telephone?
Restricting telephone calls to a single secretary (or secretarial pool) that only make and receive calls and forwarded messages on to the internal workforce seems like the absolute maximum telephone usage necessary for most businesses.
Surely employees don't have to make calls (especially personal) while at work?
if executives thesedays where accountable for anything, seems if you wear a suit and grovel enough you can more or less do whatever you want !, just read the newspaper for examples
"As part of the Sarbanes-Oxley act, companies are required to conduct some internal security audits to get a 404 compliance certificate. Without this certification, the company stock can't be traded."
I'm having trouble finding that document. Every time I think I've located it I get a 404 response.
Whenever you hear the term "cybersecurity," don't read the article! It's gov't-related, or some other BS. No non-BS sources use it.
Must-not-watch TV!
Corporate CEO's always have and will continue to put security budgets at the bottom of the priority list until of course their internal networks are compromised. :)