[ISN] House may act on cybersecurity liability protection

InfoSec News isn at c4i.org
Fri Sep 17 07:48:39 EDT 2004


By Florence Olsen 
Sept. 16, 2004

Industry officials who favor cybersecurity liability protection may
see action on their recommendations in the next legislative session.

Robert Dix, staff chief of the House subcommittee that oversees
cybersecurity policy, said subcommittee members might introduce
legislation based on recommendations of the Corporate Information
Security Working Group, an organization of 25 senior business and
academic leaders who advise the subcommittee chairman, Rep. Adam
Putnam (R-Fla.), about ways to improve the nation's critical

Dix, speaking at a noon meeting of the Association for Federal
Information Resources Management, offered no specific details on
possible legislation. The working group, which has made 23
recommendations for improving cybersecurity, will issue its next
report in November.

Based on the report's findings, members of Putnam's Government Reform
Committee's Technology, Information Policy, Intergovernmental
Relations and the Census Subcommittee are likely to introduce new
legislation, Dix said.

"It's difficult to legislate software quality, we don't want to stifle
innovation," he said. Putnam favors a market-based approach to fixing
the nation's cybersecurity weaknesses, Dix said. "It's our belief
that's beginning to happen" — that companies are bolstering critical
infrastructure systems that control water supplies, power plants and
communications, he said.

But utilities companies, he said, may need some legislative help to
upgrade their systems and pass along the costs through changes in
their rate structures.

Putnam said the nation's weak cybersecurity defenses are a bigger
problem than most people realize. "We need a pride in security
campaign in this country," he said. "We need to stop kidding ourselves
about his problem."

More information about the ISN mailing list