Forwarded from: Richard Forno <rforno (at) infowarrior.org> Talk about a blast from the past! This article could be ripped from FCW's archives with only the dates and names changed .... I mean, didn't we hear industry and gov folks say the same thing in 1997, 2000, 2003, 2005, 2007 and 2009 about critical infrastructure protection, Y2K, homeland security, etc? Heck, the Nation even has a "National Strategy for Information Sharing" issued by the White House. Lot of good that's done, too. Yet after 15 years or so we're *still* talking about the same problems and obstacles to overcome involved with both information-sharing and infosec in general, in both human and technical terms. ...but that's okay, we can always levy a Charney-charge [1] on everyone to help subsidize the industry instead. This is the decade of bailing folks out, isn't it? Same stuff, different year. And folks wonder why I am so damn cynical about this industry. -rf [1] http://blog.seattlepi.com/microsoft/archives/196494.asp On Mar 4, 2010, at 01:18 , InfoSec News wrote: > http://fcw.com/articles/2010/03/03/cybersecurity-policy.aspx > > By William Jackson > FCW.com > March 03, 2010 > > SAN FRANCISCO -- The lack of trust between the public and private > sectors continues to inhibit the sharing of information needed for the > nation to effectively defend against rapidly evolving cyberthreats, a > panel of industry experts and former government officials said Tuesday. > > "We need to have more transparency in the public-private partnership," > said Melissa Hathaway, former White House advisor who conducted last > year's comprehensive review of government cybersecurity. "The trust does > not exist between the two parties." > > Hathaway, who now runs her own cybersecurity consulting firm, said > during a panel discussion at the RSA Security Conference that a .safe > space. overseen by a trusted third party is needed to facilitate > sharing. > > William Crowell, former National Security Agency deputy director, said > that it should be possible to share information without identifying the > source, to make the parties feel more secure about providing it. "We > need to be able to abstract the information we are are going to share," > he said. "That's our best approach in the long run." > > [...] > > > ___________________________________________________________ > Register now for HITBSecConf2010 - Dubai, the premier > deep-knowledge network security event in the GCC, > featuring keynote speakers John Viega and Matt Watchinski! > http://conference.hitb.org/hitbsecconf2010dxb/ ___________________________________________________________ Register now for HITBSecConf2010 - Dubai, the premier deep-knowledge network security event in the GCC, featuring keynote speakers John Viega and Matt Watchinski! http://conference.hitb.org/hitbsecconf2010dxb/Received on Fri Mar 05 2010 - 00:45:49 PST
This archive was generated by hypermail 2.2.0 : Fri Mar 05 2010 - 01:05:24 PST