Chris Doggett, managing director for Kaspersky Lab North America, agreed that any legislation enacted shouldn't end up prohibiting the techniques and methods used by legitimate security researchers, security consulting companies, and security vendors. He warns that we can't "handcuff" the very people and organizations we rely on to defend us from the cybercriminals.
Doggett also stressed that mandated information sharing could do more harm than good. "It should not cross-over into the area of broad-reaching surveillance (in conflict with our right to privacy), nor should regulations be enacted that force information disclosures which compromise criminal investigations. And of course, we must safeguard against information being disclosed which causes incremental damage to the victims of the attacks or unduly punishes those who are not our true adversaries in the battle against cybercrime."
Stay calm and keep secure
Cybersecurity plays an integral role in the safety and economic stability of our nation. It's about time that cybersecurity be treated as a higher priority, and that we start to find ways for the public and private sector to work together for better security. Finding a politically acceptable common ground that actually has a chance of impacting cybersecurity is a virtually impossible task, though.
It's important for people to be informed about what the government is planning, and to speak up to their elected officials if they disagree with proposed legislation. Tim Erlin, director of IT security and risk strategy at Tripwire, cautions against freaking out prematurely, though. "Rhetoric is just that, and the cybersecurity industry as a whole should be cautious about Obama's proposals. Until they make their way through the muck and mire of Congress, they remain merely ideas aspiring to become reality."
Sign up for Computerworld eNewsletters.