Language Selection

English French German Italian Portuguese Spanish

Inaction Could Lead to Cybersecurity Law

Filed under
Web
Legal

U.S. businesses for years have urged the government to let them set computer-security standards of their own, but their inability to do so could now prompt Congress to step in, experts say.

Those who worry that regulation may stifle innovation say the business community may have already missed an opportunity to prove the government's help is not needed.

"The market is in a much better position to respond to this challenge ... but corporate America has not provided evidence across the board that they've taken this issue seriously enough to protect consumers," said Bob Dix, a lobbyist for Citadel Security Software Inc., who until last year handled cybersecurity for a congressional subcommittee.

The private sector is under scrutiny after a string of incidents at data brokers, retailers and other businesses exposed at least half a million U.S. citizens to identity theft.

The business community for years has argued that any government regulations would quickly become outdated in a rapidly changing field, and a 2003 Bush administration plan called on the private sector to set its own standards.

Working with the Homeland Security Department, an industry-led task force issued a set of guidelines in April 2004 that called for company chief executives to take direct responsibility for their computer systems.

One year later, only two companies have adopted the guidelines: Entrust Inc. and RSA Security Inc., whose chief executives co-chaired the task force.

Corporate lawyers warned that any public security promises could open the door for lawsuits in the wake of a security breach, said Entrust CEO Bill Connor.

"Clearly people would rather be risk-averse to the legal side than risk-averse to the hacking and breaching," he said.

The Department of Homeland Security is also to blame for not promoting the guidelines after they were released, Connor said. A department spokeswoman did not return a call seeking comment.

A separate effort that took place on Capitol Hill had similar results.

Continued ...

More in Tux Machines

Open source increase in Swiss public administration

Switzerland’s public administrations are increasingly turning to using open source, according to the country’s IT trade group SwissICT and the open source advocacy group /ch/open. Like in 2012, the two groups have surveyed public administrations and companies in the country. They notice a “high increase in the use of open source software.” Read more

Tails 1.4 RC1 Anonymous Live CD Uses Tor Browser 4.5 and Debian 8 Jessie Sources

The Tails development team announced the immediate availability for download and testing of the first Release Candidate (RC) version of the upcoming Tails 1.4 amnesic incognito Live CD distribution that has been used by Edward Snowden to stay invisible online and browse websites anonymously. Read more

Linux Kernel 4.0 Arrives in openSUSE, KDE Plasma 5.3 and GCC 5.0 Coming Up Next

The openSUSE development team, through Dominique Leuenberger, had the pleasure of informing openSUSE users about what happened last week on Tumbleweed, the rolling-release branch of the openSUSE Linux operating system. Read more

Helsinki to prefer open source IT solutions

The city administration of Helsinki (Finland) will prefer open source software solutions for new IT solutions. The city council on 13 April adopted a new IT strategy, emphasising a preference for open source, especially when developing or commissioning the development of software solutions. Read more