Avalanche of new security laws proposed
#97 We said it was going to happen - just as we were coming to terms with Sarbanex Oxley, a far-reaching new bill includes an avalanche of new rules for corporate data security and stiff penalties for information burglars.
I mentioned previously that corporations are more concerned with legal risk than the risks posed by hackers, and legislation is therefore the only way to enforce security. Thus trend for the next two years would be that major publicised breaches would lead to new laws which would drive information security spending and that legislation would become a driving force in infosec as opposed to organisations being expected to "do the right thing".
The bill represents the most aggressive--and at 91 pages, the most regulation-oriented--legislative proposal crafted so far in response to a slew of high-profile security breaches in the last few months.
I mentioned previously that corporations are more concerned with legal risk than the risks posed by hackers, and legislation is therefore the only way to enforce security. Thus trend for the next two years would be that major publicised breaches would lead to new laws which would drive information security spending and that legislation would become a driving force in infosec as opposed to organisations being expected to "do the right thing".
The bill represents the most aggressive--and at 91 pages, the most regulation-oriented--legislative proposal crafted so far in response to a slew of high-profile security breaches in the last few months.
posted by Dwaine at 6/30/2005
0 Comments:
Post a Comment
<< Home