Voluntary Cyber Security Approach Not Good Enough
Ben Bain writes on Washington Technology:
The market-based, voluntary approach that the Bush administration has used to encourage companies to improve cybersecurity is not sufficient and the incoming Obama administration should form a cybersecurity social contract with industry based on economic incentives, according to a new report by a trade association.More here.
The Internet Security Alliance (ISAlliance) released a report yesterday suggesting a cybersecurity social contract through which government would encourage and reward corporations by potentially working cybersecurity into procurement and loan processes, along with possible awards programs that could be used as marketing advantages.
The group said the voluntary approach laid out by the Bush administration has not been sufficient because it is missing incentives to encourage companies to invest beyond their corporate interests and for the greater public good of cybersecurity. The organization said government mandates were not the right approach, in part because of the global nature of the Internet and the negative effects they could have on U.S. industry.