A Federal Takeover of Cyber Security?

by on March 13, 2009 · 10 comments

One hopes not. But the White House’s 60-day review of cyber security, ongoing now, could set the stage for it.

In a TechKnowledge piece out today, I argue against federal responsibility for private cyber security. A common law liability regime is the best route to discovering and patching security flaws in all the implements of our information economy and society.

The smarties at the Center for Information Technology Policy at Princeton recently sat down to discuss these issues too.

  • http://www.guerilla-ciso.com/ rybolov

    Hi jim and Tim

    The key problem for security is mentioned in the Princeton podcast: there is a shortage of skilled labor and a shortage of people who are cross-trained into having some security skills.

    One thing I want to make clear: there is no return on investment for security. Security is a cost, and only in very rare circumstances is there a return on security costs. Instead, good security is cost reduction or loss prevention, an entirely different model.

    We do have some industry self-regulation happening. PCI-DSS is a good example.

    I do see a disconnect in Jim's article. Forensics do not equal liability, they equal the ability to track down the “real” evildoer, but you still might have an issue of negligence. Negligence is a better model for us to look at when we set public policy.

    If you really want to push security in public policy, have a look at the various data breach laws that have been pushed. S.459 comes to mind. http://thomas.loc.gov/cgi-bin/bdquery/z?d110:S495:

  • http://reesepayton.com/ Reese Payton

    Federal responsibility, no way! Please keep us posted on the results.
    Reese Payton

  • http://reesepayton.com/ Reese Payton

    Federal responsibility, no way! Please keep us posted on the results.
    Reese Payton

  • http://reesepayton.com/ Reese Payton

    Federal responsibility, no way! Please keep us posted on the results.
    Reese Payton

  • Pingback: no no hair removal price in india

  • Pingback: no no hair removal sephora review

  • Pingback: pop over to this website

  • Pingback: Cigarette electronique

  • Pingback: premier league philippines

  • Pingback: WEB SITE

Previous post:

Next post: