funsec mailing list archives
Re: Senate Legislation Would Federalize Cyber Security
From: "John C. A. Bambenek, GCIH, CISSP" <bambenek.infosec () gmail com>
Date: Wed, 1 Apr 2009 12:14:03 -0500
When they can secure their own crap, they can talk to me about licensure. On 4/1/09, Larry Seltzer <larry () larryseltzer com> wrote:
BTW, you're missing the best part of the article: "[The bill] would require the National Institute of Standards and Technology to establish "measurable and auditable cybersecurity standards" that would apply to private companies as well as the government. It also would require licensing and certification of cybersecurity professionals. " Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.pcmag.com/securitywatch/ Contributing Editor, PC Magazine larry.seltzer () ziffdavisenterprise com -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Paul Ferguson Sent: Wednesday, April 01, 2009 3:45 AM To: funsec () linuxbox org Subject: [funsec] Senate Legislation Would Federalize Cyber Security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Via The Washington Post. [snip] Key lawmakers are pushing to dramatically escalate U.S. defenses against cyberattacks, crafting proposals that would empower the government to set and enforce security standards for private industry for the first time. The proposals, in Senate legislation that could be introduced as early as today, would broaden the focus of the government's cybersecurity efforts to include not only military networks but also private systems that control essentials such as electricity and water distribution. At the same time, the bill would add regulatory teeth to ensure industry compliance with the rules, congressional officials familiar with the plan said yesterday. Addressing what intelligence officials describe as a gaping vulnerability, the legislation also calls for the appointment of a White House cybersecurity "czar" with unprecedented authority to shut down computer networks, including private ones, if a cyberattack is underway, the officials said. How industry groups will respond is unclear. Jim Dempsey, vice president for public policy at the Center for Democracy and Technology, which represents private companies and civil liberties advocates, said that mandatory standards have long been the "third rail of cybersecurity policy." Dempsey said regulation could also stifle creativity by forcing companies to adopt a uniform approach. [snip] More: http://www.washingtonpost.com/wp-dyn/content/article/2009/03/31/AR200903 310 3684.html Somehow, this strikes me as a very bad idea.... - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFJ0xtbq1pz9mNUZTMRAk2oAJ44KDALS8wR3u+mQFF3zdg+C3K9twCg7w4m JtBlu6qbviPa6jU4zRfDMO4= =qxH9 -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
-- Sent from my mobile device _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Senate Legislation Would Federalize Cyber Security Paul Ferguson (Apr 01)
- Re: Senate Legislation Would Federalize Cyber Security Larry Seltzer (Apr 01)
- Re: Senate Legislation Would Federalize Cyber Security Larry Seltzer (Apr 01)
- Re: Senate Legislation Would Federalize Cyber Security Paul Ferguson (Apr 01)
- Re: Senate Legislation Would Federalize Cyber Security John C. A. Bambenek, GCIH, CISSP (Apr 01)
- Re: Senate Legislation Would Federalize Cyber Security phester (Apr 01)