Secure Coding mailing list archives
Re: SearchSecurity: Cyber Security and the Law
From: Iván Arce <ivan.w.arce () gmail com>
Date: Thu, 09 Aug 2012 11:45:35 -0300
Gary, Could you elaborate a bit more? Specifically, what kind of incentives you have in mind? How would they work? The debate about what to do to improve software security at a national or larger scale is mostly populated with abstractions and generic ideas but the enumeration and description of concrete, specific measures to deploy is notably scant. -ivan On 8/3/12 9:32 AM, Gary McGraw wrote:
hi greg, Good question. I'm biased of course, but I think a BSIMM type measurement is the best way to approach this. (See http://bsimm.com.) However, regardless of measurement I strongly believe that incentives are way better than regulations and penalties.
_______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
Current thread:
- SearchSecurity: Cyber Security and the Law Gary McGraw (Aug 02)
- Re: SearchSecurity: Cyber Security and the Law Jeffrey Walton (Aug 02)
- Re: SearchSecurity: Cyber Security and the Law Gary McGraw (Aug 02)
- Re: SearchSecurity: Cyber Security and the Law Greg Beeley (Aug 02)
- Re: SearchSecurity: Cyber Security and the Law Gary McGraw (Aug 08)
- Re: SearchSecurity: Cyber Security and the Law Iván Arce (Aug 09)
- Re: SearchSecurity: Cyber Security and the Law Lucas Ferreira (Aug 09)
- Re: SearchSecurity: Cyber Security and the Law Gary McGraw (Aug 02)
- Re: SearchSecurity: Cyber Security and the Law Iván Arce (Aug 08)
- Re: SearchSecurity: Cyber Security and the Law Jeffrey Walton (Aug 02)