RE: Re: Flawed Surveys [was: VPN endpoints]

["Bill Royds" <broyds () rogers com>]

 Sarbanes-Oxley has had a great effect on Canadian companies who have American
subsidiaries. IT is that which has kicked butt at Nortel and undid Conrad Black.
Better American security reporting helps the rest of the world since nearly
every foreign company has at least one American subsidiary.

-----Original Message-----
From: firewall-wizards-admin () honor icsalabs com
[mailto:firewall-wizards-admin () honor icsalabs com] On Behalf Of Paul D.
Robertson

I was asked once by a congressional staffer[1] what Congress could do to
improve computer security.  I think it's a pretty easy answer- mandate
disclosure of several classes of events in a company's 10Q.  Likely
though, we'd need to close a "not a public company" loophole, and the "not
a US company" loophole, but I really think that'd have more effect than
anything else we could do.  Sarbaines-Oxley isn't a bad thing in my mind,
but it really is about money, and we as an industry could do much better
figuring out what should be reported, and how (both event and
protection-wise.)

Paul
[1] Apologies to the non-US readers for not having anything more global,
but if we get better, it'll help you too.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards