So, another cyber security bill. The Strengthening and Enhancing Cybersecurity by Using Research, Education, Information, and Technology Act (SECURE IT). At least they didn't decide to attack Iran. If they stay busy and diverted with useless infosec legislation, maybe they won't create any real mischief.
And, who comes up with these acronyms? SECURE IT. Is there someone with a full-time job in Congress to come up with these? And I thought the headline writers for the NY tabloids were clever?
The problem with legislation for complex issues like cyber security is that the end result becomes more about arbitrary compliance than nuanced action to contain the original threat. Though I've personally benefited from SOX, for example, it clearly devolved into unthinking routine. Not sure how to solve the problem but arbitrary rules with random punishments is probably not the answer.
ReplyDelete