Congress is good at several things. It's good at acting in its own interest. It's good at posturing and showboating. And it's good at taking nice, long breaks. What it's not good at is understanding the Internet or acting swiftly and decisively. The current cybersecurity legislation mess is the perfect combination of those two factors. Corporations and government agencies in the U.S. have been getting their heads handed to them by attackers from around the world for several years now. Long-term, persistent campaigns have been targeting defense contractors, energy and utility companies, manufacturing firms and government agencies with an alarming rate of success.
But Congress, or at least some members of it, don't seem to understand that. Sen. Joseph Lieberman sent a letter Monday to President Obama, comparing the threat to U.S. networks from foreign attackers to the threat from terrorists before 9/11. He then urged the president to use his executive authority to somehow influence the situation.
Let's be clear: If the companies that own and operate critical infrastructure--not to mention defense contractors--don't understand the nature of the threat they're facing at this point, no amount of incentives is going to change that. Neither Congress nor the president can fix this problem with the kinds of solutions they're considering.
The one thing that could truly make a difference is a major change in the way that threat intelligence is handled."
Link to Original Source