Companies that control key infrastructure have so far remained largely free of regulations to ensure that their information technology systems are secure. But policy-makers appear to be in the early stages of considering such rules.
Exhibit A: Legislation that would require the Department of Homeland Security to study an assortment of regulations was adopted this week by a House subcommittee. The bill allocates funds for research into, among other things, the efficacy of (1) "mandated reporting of security breaches" that threaten critical infrastructure; (2) "regulation that imposes, under threat of civil penalty, best practices" on operators of critical infrastructure; and (3) "accounting practices that require companies to report their cybersecurity practices and postures and the results of independently conducted 'red-team' simulated attacks or exercises."
Exhibit B: The "Rockefeller-Snowe Cybersecurity Act" introduced this week would require the president and critical infrastructure industries to develop cybersecurity best practices, which the companies would be expected to follow. Independent audits would be conducted, and companies that fell short would have "to work collaboratively with the government and private sector colleagues within their critical infrastructure sector (via existing sector coordinating councils) to develop and implement a collaborative remediation plan."
Exhibit C: The FCC's national broadband plan unveiled this week proposes expanding network outage reporting rules that now apply only to traditional telephone service. The FCC would like the rules to apply to all broadband network services. The FCC also proposed a "voluntary cybersecurity certification program" for businesses.
None of the above examples present major challenges for the private sector. In fact, several industry associations have successfully steered Congress and the FCC away from regulatory solutions for cybersecurity. But policy-makers like to create rules, and they're still learning about cybersecurity. -- TL
Subscribe to:
Post Comments (Atom)
Hi, your article was of great help. I loved the way you shared the information, thanks.
ReplyDeleteAmazing article, I highly appreciate your efforts, it was highly helpful. Thank you.
pmp,pmp certification,Project Management cost,pmp certification cost,pmp course,pmp certification in gurgaon.
Digital Marketing Institute
ReplyDeleteBest Digital Marketing Institute in Delhi and Kalkaji
HURRY NOW Limited Period Offer
IFDA is India's No 1 Digital Marketing Institute in Delhi
C Language Course
ReplyDeleteIFDA is India's No 1 IT-Training Institute in Delhi
IFDA is Located in Delhi, Kalkaji and Badarpur
IFDA Offers Wide Range of Professional Courses