TheConversation

Blog archive

How to legislate cybersecurity right

Jay Rockefeller

Sen. Jay Rockefeller, one of the Senate's advocates of cybersecurity legislation.

Responding to an article on the Senate's renewed cybersecurity effort, reader Paul Misner wrote: [The] Senate walks a fine line here. If the bill is too weak, it will have no value as all. Too rigid, and it will result in agencies and companies being forced to implement out of date processes, hardware, software, and procedures that will increasingly become less valuable. What is needed is a strong, but balanced framework which is easy to understand, and dynamic to meet a dynamic set of adversaries. I think this type of legislation should be enforced with a carrot, rather than a stick, but providing protection from penalties for entities that follow it's guidelines, rather than punishment for those agencies who fail to make an effort to enforce.

Amber Corrin responds: That seems to be the consensus. A number of sources have warned against FISMA-like, "check-the-box" regulations that do not allow for the agility necessary to keep up with constantly evolving cyber threats. This, as well as the carrot-over-stick argument, was a top concern for Fortune 500 companies who responded to a cybersecurity questionnaire from Sen. Jay Rockefeller, as FCW reported earlier this month.

Posted by Amber Corrin on Feb 06, 2013 at 12:10 PM


The Fed 100

Read the profiles of all this year's winners.

Featured

  • Then-presidential candidate Donald Trump at a 2016 campaign event. Image: Shutterstock

    'Buy American' order puts procurement in the spotlight

    Some IT contractors are worried that the "buy American" executive order from President Trump could squeeze key innovators out of the market.

  • OMB chief Mick Mulvaney, shown here in as a member of Congress in 2013. (Photo credit Gage Skidmore/Flickr)

    White House taps old policies for new government makeover

    New guidance from OMB advises agencies to use shared services, GWACs and federal schedules for acquisition, and to leverage IT wherever possible in restructuring plans.

  • Shutterstock image (by Everett Historical): aerial of the Pentagon.

    What DOD's next CIO will have to deal with

    It could be months before the Defense Department has a new CIO, and he or she will face a host of organizational and operational challenges from Day One

  • USAF Gen. John Hyten

    General: Cyber Command needs new platform before NSA split

    U.S. Cyber Command should be elevated to a full combatant command as soon as possible, the head of Strategic Command told Congress, but it cannot be separated from the NSA until it has its own cyber platform.

  • Image from Shutterstock.

    DLA goes virtual

    The Defense Logistics Agency is in the midst of an ambitious campaign to eliminate its IT infrastructure and transition to using exclusively shared, hosted and virtual services.

  • Fed 100 logo

    The 2017 Federal 100

    The women and men who make up this year's Fed 100 are proof positive of what one person can make possibile in federal IT. Read on to learn more about each and every winner's accomplishments.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group