At yesterday's RSA show in San Francisco, former White House cyber security czar Dick Clarke says government and industry deserve an "F" for cybersecurity. Clarke called for more regulation of cybersecurity in certain sectors, such as electricity and Internet service providers. Joining Clarke on a panel to discuss the issue was Rick White, President and CEO of TechNet, who disputed the need for additional government regulation. To read more, click below...
More from Carrie Kirby in today's San Francisco Chronicle:
(Clarke) said that ISPs should be required to provide secure connections and that power companies should be mandated to secure computers connected to the power grid because, without competition, there is no other motivation for them to do so. "Next time you're in a power blackout ... think about whether you want regulation."
In Todd Bishop's story in today's Seattle Post Intelligencer, there's more:
During a panel discussion on technology regulation, Rick White, a former Republican congressman from Washington state, agreed with Clarke that it would be good to establish visible standards by which companies could be judged in the marketplace. "I think that's a blueprint for something that probably works," said White, now chief executive of technology lobbying organization TechNet. "It's just a question of how far you get the government involved."
But on the subject of government involvement, White and Clarke disagreed, as illustrated by a related discussion of Internet service providers. Clarke said he would want to see government regulation of ISPs to ensure that they offer adequate levels of security to their customers. But White warned that regulation in general could hinder technological advances. "We have a great thing going in terms of innovation in this country," he said. "We're leading the world and we need to be able to continue to do that."
Another panelist, security expert Bruce Schneier, said it was important to remember that the underlying goal of software companies is financial, no matter how well intentioned their security efforts. "Companies are not charities," Schneier said. "They don't do this stuff out of the goodness of their heart. They do it because the marketplace demands it, they do it because liability demands it, they do it because regulation demands it, they do it because competition demands it. Something has to demand it." Along those lines, he said, "The marketplace will only go so far."
What do you think the answer is? Please share your views!
Comments