>From Wired:
http://www.wired.com/news/politics/0,1283,45692,00.html
New Laws: Thou Shalt Patch
By Jeffrey Benner
2:00 a.m. July 31, 2001 PDT
With no real power to force action, the FBI's National Infrastructure
Protection Center often finds itself waving its arms, hoping for attention
when a threat like the Code Red virus emerges. Often, the warnings go
unheeded.
But that may be changing. Federal rules that will make it obligatory for
specific sectors to download virus patches are already here, and more are
coming.
"There is a justification for these regulations having been implemented,"
said Dean Harvey, who specializes in Internet law at Vinson & Elkins in
Dallas. "There's a patch for Code Red, but it's still on a quarter-million
servers. It should be an eye opener to businesses that they need to keep
their systems secure."
On Monday, the Federal Trade Commission (FTC) proposed a regulation that
will require financial service companies to protect their networks against
"anticipated threats" and generally take measures to protect their
information.
David Medine, who led the FTC's privacy group for five years and is now a
lawyer with Hogan and Hartsen in Washington, said the proposed regulations
could help improve the overall level of security on the Internet.
"It means financial institutions will have a legal obligation to take
steps to preserve the security of their organization," Medine said. "They
will be more likely to incorporate patches and fixes."
...continues...
This archive was generated by hypermail 2.1.1 : Fri Aug 31 2001 - 03:10:02 EST