" But a lack of information and expertise on the part of legislators can hamper effective legislation."...something I have been saying for a long time...we need geeks in Congress....I run in to this battle all the time with folks who image make decisions lacking the overall ROI and effects of technology minded decisions...why...much of it is because they won't use any modern technology...you just haven't lived until you have experienced a virus or Trojan horse and then security comes right to the forefront.....“Some of our members don’t even use computers,” Olcott said. “They have some discomfort talking about technology.” ...so if this happens at the top levels...I do ask myself...where does this leave me?  They have staff that writes the legislation...so who's really in control here...do we need to lobby the staff instead?  What impact does this have on electronic medical records?  What does this do for HIPAA? ...some questions kicking around in my head..who is in charge?  BD  

SAN FRANCISCO—Making national cybersecurity policy is an always difficult and often thankless task, the director of a House subcommittee told an audience Wednesday at the RSA Security conference.
“One of the things that make cybersecurity difficult is that there are a lot of mixed messages out there,” said Jacob Olcott of the House Homeland Security Subcommittee on Emerging Threats, Cyber Security, and Science and Technology. Some see the threat of cyberterrorism as a reality, and others think dire pronouncements are overblown. “There is a lot of disagreement about what, exactly, we’re dealing with.”

And there is a confusing amount of overlap in congressional oversight of the subject, Olcott said. Who is in charge of cybersecurity? “Everybody and nobody.”

“The 110th Congress is winding down,” he said. Industry would like to see a national data breach notification law replace the state laws now in place in addition to a cybercrime bill that would put some prosecutorial teeth into federal computer crime laws. “I don’t think there’s much chance of either of these bills getting out of committee, let alone being heard on the floor,” Olcott added.

Congress to industry: 'We need your help'

Related Story: 

Replacing NAC as the hottest topic might be virtualization. Now that the major information technology players are supporting virtual servers — that is, multiple operating systems running on a single piece of hardware rather than the traditional monogamous mating of one server and one operating system — security companies are working on ways to secure these configurations. It is becoming apparent that many of the tried and tested tools used to secure servers do not work and play well in a virtual environment. Administrator are faced with a conundrum: Hardware-based security appliances offer high performance and ease of use, but those appliances might no longer do the job they were bought to do after excess server hardware has been eliminated from the data center, and operating systems share physical resources. The vendors, of course, are coming up with answers for them.

Finally, there is the Web 2.0 umbrella, which refers to anything interactive that can be accessed over the Web. Some of these are germane to the enterprise, such as Web applications used for business. Others are consumer-focused playthings such as social networking sites, virtual worlds and peer-to-peer file sharing applications that are creeping into the enterprise by back doors. Managing and securing them is a big challenge, and hence a big topic.



Post a Comment

Google Analytics Alternative