RE: [ISN] Bills aim at raising infosec expertise

From: InfoSec News (isnat_private)
Date: Fri Feb 01 2002 - 02:36:53 PST

  • Next message: InfoSec News: "[ISN] InfoSec News List Information"

    Forwarded from: H C <keydet89at_private>
    
    > Interesting information provided here, not only does the
    > government and industry not communicate, but, the government and
    > those inside do not communicate.
    
    Old news.  I'm currently trapped inside the defense contracting
    dungeon, and I'm constantly being informed about this by the
    non-technical managers.  In fact, many contracting firms use this to
    their advantage...even to the point of doing the same work for
    multiple customers.  After all, gotta meet the revenue numbers, right?
    
    About every quarter we hear from the GAO about how bad security is
    within the gov't.  Every couple of months, yet another report on the
    FAA or IRS or some other three-letter gov't agency comes out.
    
    If it's nothing new...is it news?
    
    How many ineffectual agencies do we need?  I mean, we've already got
    NIPC, right?  Nothing came of the Senate subcommittee hearings we've
    already had...other than the rather humorous report that Mudge
    couldn't get his travel reimbursed...so what can we expect now?
    
    On the flip side of things, though, even in the commercial sector, the
    vision isn't all rosy and bright.  Infosec is just common sense, yet
    it isn't done.  Consultants are paid beaucoup $$, and nothing is done.  
    Insurance companies offer coverage for protected networks, and still
    no security.  Now, it's going to become a law.  Hhhhmmmm.  So, what
    happens if the corporation or federal agency isn't in compliance w/
    the law?  Do they get fined?  If so, does that not, in effect, serve a
    more potent function than, say, a web page defacement?
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Fri Feb 01 2002 - 06:09:33 PST