Language Selection

English French German Italian Portuguese Spanish

Inaction Could Lead to Cybersecurity Law

Filed under

U.S. businesses for years have urged the government to let them set computer-security standards of their own, but their inability to do so could now prompt Congress to step in, experts say.

Those who worry that regulation may stifle innovation say the business community may have already missed an opportunity to prove the government's help is not needed.

"The market is in a much better position to respond to this challenge ... but corporate America has not provided evidence across the board that they've taken this issue seriously enough to protect consumers," said Bob Dix, a lobbyist for Citadel Security Software Inc., who until last year handled cybersecurity for a congressional subcommittee.

The private sector is under scrutiny after a string of incidents at data brokers, retailers and other businesses exposed at least half a million U.S. citizens to identity theft.

The business community for years has argued that any government regulations would quickly become outdated in a rapidly changing field, and a 2003 Bush administration plan called on the private sector to set its own standards.

Working with the Homeland Security Department, an industry-led task force issued a set of guidelines in April 2004 that called for company chief executives to take direct responsibility for their computer systems.

One year later, only two companies have adopted the guidelines: Entrust Inc. and RSA Security Inc., whose chief executives co-chaired the task force.

Corporate lawyers warned that any public security promises could open the door for lawsuits in the wake of a security breach, said Entrust CEO Bill Connor.

"Clearly people would rather be risk-averse to the legal side than risk-averse to the hacking and breaching," he said.

The Department of Homeland Security is also to blame for not promoting the guidelines after they were released, Connor said. A department spokeswoman did not return a call seeking comment.

A separate effort that took place on Capitol Hill had similar results.

Continued ...

More in Tux Machines

Linux Kernel 3.2.72 LTS Is Full of Improvements, Users Urged to Update Now

Just a few moments ago, Ben Hutchings, the maintainer of the long-term supported Linux 3.2 kernel series, has had the pleasure of informing Linux users about the immediate availability for download of Linux kernel 3.2.72 LTS. Read more

Parsix GNU/Linux 8.0 (Mumble) and 8.5 (Atticus) Receive Linux Kernel 4.1.10 LTS

The Debian-based Parsix GNU/Linux computer operating system is becoming more and more popular with each day that passes, as its development cycle accelerated in the last year. Read more

Sneaky Microsoft, Citizen and Government Clouds

Monday, October 13 was a busy day in Linux news. One of the more interesting tidbits comes from Neil Rickert who said, "Microsoft is being sneaky" in trying to covertly upgrade his Windows installs to version 10. Another from Red Hat's Eike Rathke remembered fifteenth birthday. Elsewhere, Red Hat's Nathan Jones addressed the state of government cloud and Marco Fioretti shared some thoughts on the "Citizen Cloud." Read more More:

  • Microsoft is being sneaky
    I purchased my main desktop for use with linux. But it came with Windows 8 as a discount deal from Dell. So I kept the Windows 8, and added a second hard drive for linux. I did update to Windows 8.1. I kept Windows for experimenting with dual boot on a UEFI system. My normal usage on this computer is to boot opensuse. But twice a week I boot to windows and update the anti-virus (Windows Defender). Once a month, I also do Windows updates. Then I boot straight back to linux.

The importance of community-oriented GPL enforcement

The Free Software Foundation and Software Freedom Conservancy have released a statement of principles on how GPL enforcement work can and should be done in a community-oriented fashion. The president of the Open Source Initiative, Allison Randal, participated as a co-author in the drafting of the principles, together with the leadership of FSF and Conservancy. The Open Source Initiative's mission centers on advocating for and supporting efforts to improve community best practices, in order to promote and protect open source (founded on the principles of free software). While the OSI's work doesn't include legal enforcement actions for the GPL or any of the family of licenses that conform to the Open Source Definition, we applaud these principles set forth by the FSF and Conservancy, clearly defining community best practices around GPL enforcement. Read more