> S.773 (the Cybersecurity Act of 2009) is at least a smell of smoke > over the horizon. Anyone who thinks they can stand up in front of > a judge and jury and always get away with those sorts of lame excuses > will have another think coming when Critical Infrastructure security > is federally mandated (and CI is defined as "whatever the President > says it is").
<sarcasm>Yes, and FISMA/PCI/insert-favorite-mandated-law-here did an EXCELLENT job of improving security.</sarcasm> Make a "better" information security law, and all you'll "make" will be better experts who can lie. --Keith Keith Young, Security Official Department of Technology Services Montgomery County, Maryland phone - (240) 777-2955 _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
