Slashdot Mirror
New Legislation Would Federalize Cybersecurity
Hugh Pickens writes "Senators Jay Rockefeller and Olympia J. Snowe are pushing to dramatically escalate US defenses against cyberattacks, crafting proposals in Senate legislation that could be introduced as early as today, that would empower the government to set and enforce security standards for private industry for the first time. The legislation would broaden the focus of the government's cybersecurity efforts to include not only military networks but also private systems that control essentials such as electricity and water distribution. 'People say this is a military or intelligence concern, but it's a lot more than that,' says Rockefeller, a former intelligence committee chairman. 'It suddenly gets into the realm of traffic lights and rail networks and water and electricity.' The bill, containing many of the recommendations of the landmark study 'Securing Cyberspace for the 44th Presidency' (PDF) by the Center for Strategic and International Studies, would create the Office of the National Cybersecurity Adviser, whose leader would report directly to the president and would coordinate defense efforts across government agencies. The legislation calls for the appointment of a White House cybersecurity 'czar' with unprecedented authority to shut down computer networks, including private ones, if a cyberattack is underway. It would require the National Institute of Standards and Technology to establish 'measurable and auditable cybersecurity standards' that would apply to private companies as well as the government. The legislation also would require licensing and certification of cybersecurity professionals."
"measurable and auditable cybersecurity standards" that would apply to private companies as well as the government.
Until your elected representatives fully understand that any public infrastructure networks should not be connected to the 'Internet' -for any reason- any discussion of 'cybersecurity' is simply wasted words. WTF does it take for these 'public officials' to realize that critical infrastructure networks need to be completely isolated and secured from the hostile environment that the 'Internet' has become?
Sig this!
Because US government officials ALWAYS make good technical decisions. Because the placement of officials is NEVER based on politics rather than skill.
Maybe we could legislate some openness instead.
How so? Attaching some strings to the tax money they pump into failed businesses?
You clearly haven't been paying attention. Apart from trying to tax bonuses with unconstitutional laws, they've bailed out some companies while letting others fail with no clear motive, they've bailed out companies when letting them fall into bankruptcy would likely be a better option, they've spent a lot of money on projects that won't particularly help the economy all that much, they've spent so much money that inflation will be hard to avoid in the near future (and you REALLY don't want inflation during a recession), they've sent unclear messages about what they are trying to accomplish (some have speculated that Bernanke's ultimate goal is to never be accused of not spending enough), and on top of it they've proposed a budget that will triple the national debt in 10 years, and double it in five. If you want to go back a little farther, we can talk about starting two wars, not a great idea to begin with, but more importantly they were waged with clear incompetence from the beginning.
As for the new cyber-security initiative being flawed, compared to what? The baseline is: nothing.
I don't know if you are trolling here, or if you just haven't read the article, but they want the power to shut down any network they want. This is significantly worse than nothing, for reasons pointed out by Bruce above.
Sometimes it is better to do nothing. As the saying goes, "Don't just do something, stand there!"
Qxe4