Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Submission + - Published Threat Intelligence, Not Cybersecurity Laws, Is What's Needed (threatpost.com)

Trailrunner7 writes: For several years now, Congress has been wandering around the wilderness, trying to figure out why so much of America's intellectual property is being sucked into a giant vortex somewhere over Asia and whether they should do something to stop it, like maybe pass a cybersecurity law. They've taken innumerable swings at it, and struck out every time, with the two parties unable to agree on what needs to be in a cybersecurity bill and what entities should be covered by it. Now Congress is in recess and it looks less and less likely that anything will be passed before the end of the session. And, for once, we all should be thankful for our lawmakers' inability to act.

Congress is good at several things. It's good at acting in its own interest. It's good at posturing and showboating. And it's good at taking nice, long breaks. What it's not good at is understanding the Internet or acting swiftly and decisively. The current cybersecurity legislation mess is the perfect combination of those two factors. Corporations and government agencies in the U.S. have been getting their heads handed to them by attackers from around the world for several years now. Long-term, persistent campaigns have been targeting defense contractors, energy and utility companies, manufacturing firms and government agencies with an alarming rate of success.

But Congress, or at least some members of it, don't seem to understand that. Sen. Joseph Lieberman sent a letter Monday to President Obama, comparing the threat to U.S. networks from foreign attackers to the threat from terrorists before 9/11. He then urged the president to use his executive authority to somehow influence the situation.

Let's be clear: If the companies that own and operate critical infrastructure--not to mention defense contractors--don't understand the nature of the threat they're facing at this point, no amount of incentives is going to change that. Neither Congress nor the president can fix this problem with the kinds of solutions they're considering.

The one thing that could truly make a difference is a major change in the way that threat intelligence is handled.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Published Threat Intelligence, Not Cybersecurity Laws, Is What's Needed

Comments Filter:

The IQ of the group is the lowest IQ of a member of the group divided by the number of people in the group.