• My Tweats

    • Flickr Photos

    Creating a National Information Security Board

    TaoSecurity calls for National Digital Security Board (though I prefer calling it a National Information Security Board) modeled along the lines of the National Transportation Safety Board:

    Since its inception in 1967, the NTSB has investigated more than 124,000 aviation accidents and over 10,000 surface transportation accidents. In so doing, it has become one of the world’s premier accident investigation agencies. On call 24 hours a day, 365 days a year, NTSB investigators travel throughout the country and to every corner of the world to investigate significant accidents and develop factual records and safety recommendations.

    This is exactly what we need in digital security. Not the NTSB, but the NDSB — the National Digital Security Board. The NDSB should investigate intrusions disclosed by companies as a result of existing legislation. Like the NTSB, the NDSB would probably need legislation to authorize these investigations.

    Sounds like a good idea to me.

    This would put more sunshine on actual information security incidents. It would have the effect of creating an additional incentives to organizations to have a better security profile to avoid an investigation that would include no doubt negative publicity, loss of confidence from customers, employees, and investors. It would have a secondary effect of building up knowledge of securiety incidenct that should be shared with all.

    Leave a Reply

    Fill in your details below or click an icon to log in:

    WordPress.com Logo

    You are commenting using your WordPress.com account. Log Out /  Change )

    Google photo

    You are commenting using your Google account. Log Out /  Change )

    Twitter picture

    You are commenting using your Twitter account. Log Out /  Change )

    Facebook photo

    You are commenting using your Facebook account. Log Out /  Change )

    Connecting to %s

    %d bloggers like this: