Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Government May Step Into Security Fray

    By
    Dennis Fisher
    -
    November 8, 2001
    Share
    Facebook
    Twitter
    Linkedin

      SAN FRANCISCO — A former government lawyer on Wednesday said some federal regulation of computer security is inevitable if vendors and security researchers dont do a better job of policing themselves.

      That prospect is a frightening one for vendors and security experts who remember the battles in the late 1980s and 1990s over governmental regulation of cryptography.

      Speaking at Microsoft Corp.s Trusted Computing 2001 forum here, Michael ONeill, a partner at law form Preston, Gates & Ellis and the former general counsel at the Central Intelligence Agency, also took the security experts in attendance to task for irresponsible handling of vulnerabilities and exploits.

      ONeills comments came just after Mozelle Thompson of the Federal Trade Commission said he doubted the government would get involved in regulating security any time soon.

      Microsoft, for one, is spooked by the possibility of government intervention in the security community. Company officials concede, however, that it may become reality soon.

      “If we as a security community dont clean up our act, someone will step in and clean it up for us,” said Scott Culp, manager of the Microsoft Security Response Center in Redmond, Wash. “We really, really dont want to see that.”

      To avoid that scenario, Microsoft this week is trying to build support for an industry-backed effort to develop standards for vulnerability reporting and handling. Culp and others inside Microsoft believe that such a standard would cut down on the spread of exploit code and therefore reduce the number of attacks on the Internet.

      The standard could include things such as prescribed processes for reporting vulnerabilities to vendors as well as requirements for vendors to respond in a timely manner.

      But the effort is in its infancy. The process of forming a group to discuss a standard has yet to begin and Culp said he has no way of knowing how long the entire development effort could take.

      As with any Microsoft effort, this one is not without its detractors. Several of the attendees at the conference questioned the companys motives and there has been much speculation that Microsoft would like to restrict the distribution of vulnerability reports to a select group of partners. Culp vehemently denied that accusation and said that such an effort would fail before it ever got off the ground.

      “Thats absolutely untrue,” Culp said of the reports of Microsofts intentions. “It wouldnt be accepted. We have no designs for a closed process. We know two things: theres a problem, and we dont have an answer.”

      Dennis Fisher
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Careers

      SThree’s Sunny Ackerman on Tech Hiring Trends

      James Maguire - June 9, 2022 0
      I spoke with Sunny Ackerman, President/Americas for tech recruiter SThree, about the tight labor market in the tech sector, and much needed efforts to...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×