Will companies improve security voluntarily?
Will companies improve security voluntarily?

Government IT regulation sparks fierce debate

Tempers fray at RSA Conference as experts discuss government role in security

Written by Iain Thomson at the RSA Conference in San Francisco

vnunet.com, 17 Feb 2005

A series of heated exchanges at the RSA Conference left tempers frayed yesterday as experts debated the pros and cons of governments trying to regulate IT security.

Bruce Schneier, a cryptographer and IT security expert, Richard Clarke, former White House advisor on cyber-security, Harris Miller, president of the IT Association of America, and Rick White, president of TechNet, debated the role of regulation but found little common ground.

"We have a problem," said Clarke. "I opposed regulation in both the Bush and Clinton administrations. We now have some regulation and most of it does not work well."

He went on to state that, if he were grading the Bush government on its regulation progress, he would give it an 'F'.

Schneier, on the other hand, proved a fan of regulation, maintaining that it was the only way to get companies to write more secure code.

"What regulation does is change the trade-offs a company makes," he said. "The capitalist incentives are not in line with the results we want as a society. If we make it in a company's interests to make secure products, it will."

Schneier explained that companies would always choose to place less emphasis on security if it meant cutting into profits, and that the only way to reverse this is to make the penalties for insecure code greater than the cost savings of releasing insecure code.

But speaking for the industry, Miller strongly opposed further regulation. "Our industry is all about innovation and the concern we have is that regulation can be the enemy of innovation," he claimed.

"Even heavily regulated industries like the auto sector have problems. There are already plenty of laws on the books to deal with this."

The panellists found little to agree on, with the discussion turning heated on more than one occasion. Clarke finished his arguments with a warning on the consequences of inaction.

"Industries say that they don't want to be regulated; there's a surprise," he said. "Industry only responds when you threaten it with regulation. After a major incident there will be worse regulation than you have now."

  • Have your say
  • Send to a friend
  • Print this
  • Share

Tags:

reader comments

related articles

Doubts cast over efficacy of two-factor authentication

Hackers can beat security tokens

Two-factor authentication 'doesn't solve anything', claims security expert 15 Mar 2005

 

Linux fan concedes Microsoft is more secure

Vulnerability research claims shocking results 17 Feb 2005

Microsoft's enterprise security under fire

Symantec puts the boot in 16 Feb 2005

IT security industry faces a tough 2005

Days of wine and roses over as corporates streamline security budgets 16 Feb 2005

RSA Conference 2005

The information security event of the year rolls into San Francisco 15 Feb 2005

IT industry's 12-point cyber-security plan

Protect and survive 15 Dec 2004

Australia

Australia's climate bill row heats up

Prime Minister Kevin Rudd expresses anger at opposition's continued attempts to block cap-and-trade legislation 19 Nov 2009

Senate

Democrats rally to defend climate bill and EPA ruling

Row over US climate change legislation heats up as Republican Senator attempts to block EPA's right to regulate carbon emissions 13 Jan 2010

Security

RSA 2010: Panel discusses US security regulation

Experts split on role of government in online security 04 Mar 2010

related whitepapers

today's top stories

Communications

Telepresence: coming to a screen near you?

Telepresence systems enable organisations to hold boardroom-style meetings with far-flung participants without the hassle and expense of arranging travel and accommodation. But while the technology is impressive, it does not come cheap, as Martin Courtney discovered when he sat in on a virtual meeting with executives from Philips 10 Mar 2010

Internet

Users give their verdict on Azure

Some of the first wave of UK adopters met in London recently to air their views on Microsoft’s cloud computing platform. Dave Bailey listened in 10 Mar 2010

Communications

Protests greet new Digital Economy Bill amendment

ISPs, digital rights groups and Liberal Democrat supporters cry foul 05 Mar 2010

Management

Publishing special - Publishers innovate to survive

1) IT could hold the key to the future of publishing 2) Case Study: The Guardian harnesses social and mobile apps 3) How publishers are reacting to the iPad 02 Mar 2010

Management

IT Leaders' Forum in association with IBM

A unique opportunity to hear from expert speakers and engage in a debate about the future of the CIO job function 29 Jan 2010

> More news

Advertisement

Subscribe

Keys to successful Serviceā€Oriented Architecture implementation

This white paper explores best practices and general design patterns for service oriented architecture (SOA).

The Roadmap to IT Maturity — Matching Strategy to Infrastructure for Business Success

This paper defines a roadmap for matching infrastructure strategy to business success.

Advertisement

Keep up to date with the latest products, services and technologies from the world's leading IT companies; ITHound.com brings you over 6,000 white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

More available - click 'submit' to view

Existing User

Newsletter user login:

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

Latest poll

NHS centralised data

NHS centralised data

Do you think the NHS can be trusted to safely look after personal data electronically?

View poll results

> More polls

Latest audio and video articles

Video

HP unveils S Series notebooks

'Prosumer' line overhauled 01 Mar 2010

Web Seminar Listings

Preparing for enterprise-scale Windows 7 migration

The web seminar on 18 Feb will discuss how Windows 7 migration can increase IT efficiency in large enterprises, freeing up budgetary and personnel resources to focus on business innovation. Our panel of experts will examine the strategies, tools and services IT leaders can use to migrate successfully and reap the rewards of increased efficiency. 19 Feb 2010

> More audio and video

Latest in-depth articles

Martin CaveComment

Lessons to be learned from cricket's internet outing

Imagine the scene. It’s the final of one of the most popular sporting events in the Indian subcontinent and millions of people are glued to their laptops and PCs in anticipation of the four runs required off the last ball of the match. Suddenly the connection jitters and 20 seconds later you see the jubilant crowd flooding onto the field of play… 12 Mar 2010

Wayne GibbonsComment

Social networks are key to cracking China

Business social media can unlock the door to the world’s second-largest economy 10 Mar 2010

> More in depth articles

Primary Navigation