NPR
Security Week
Mashable
LA Times
CBS
Washington Post
Atlantic Council
Reason Magazine
This week the CIA released its still-classified National Intelligence Estimate (NIE) regarding the threat of cyber warfare to US economic, infrastructure and military assets at home and abroad.
China is singled out as the source of an enormous and non-stop sequence of industrial espionage - compromising systems and stealing valuable trade secrets.
Heads of large corporate security interests, while representing a variety of unique approaches, all seem to at least agree that federal regulation should play a larger role in online life. User's real identities should remain authenticated, core infrastructure easily available for lawful intercept, etc. Others argue that corporate attack victims should begin systematically seeking retribution when systems are compromised, terming the approach "active defense" centered often around pro-actively collecting information crucial to a successful investigation and conviction prior to filing a complaint.
What are your thoughts about the role that the federal government should play in IT regulatory enforcement? Where should limited and expensive legal resources best be allotted? As always I look forward to your thoughts on what I find to be a challenging topic.
Security Week
Mashable
LA Times
CBS
Washington Post
Atlantic Council
Reason Magazine
This week the CIA released its still-classified National Intelligence Estimate (NIE) regarding the threat of cyber warfare to US economic, infrastructure and military assets at home and abroad.
China is singled out as the source of an enormous and non-stop sequence of industrial espionage - compromising systems and stealing valuable trade secrets.
Heads of large corporate security interests, while representing a variety of unique approaches, all seem to at least agree that federal regulation should play a larger role in online life. User's real identities should remain authenticated, core infrastructure easily available for lawful intercept, etc. Others argue that corporate attack victims should begin systematically seeking retribution when systems are compromised, terming the approach "active defense" centered often around pro-actively collecting information crucial to a successful investigation and conviction prior to filing a complaint.
What are your thoughts about the role that the federal government should play in IT regulatory enforcement? Where should limited and expensive legal resources best be allotted? As always I look forward to your thoughts on what I find to be a challenging topic.