Department of Homeland Security chief Tom Ridge said during an address before members of the Business Software Alliance that discussions of that nature have begun between his agency and the Securities and Exchange Commission.
Ridge cited the Y2K compliance disclosure requirements, which the SEC mandated in 1997, as a precedent for such a system.
He also believes the marketplace is ready to reward security in a big way, because security means reliability, which he claims is worth a lot to a customer buying software or hardware.
Such disclosure requirements could prove a boon to the IT security industry. Many companies would be reluctant to confess to inadequate security and could up their spending in the area.
The National Strategy to Secure Cyberspace, published early this year, pre-empted these latest comments.
Asked how the government's part of the Strategy is going, Ridge replied: "It's a work in progress."
He confirmed that the recently created Internet division of the DHS’s Information Analysis Infrastructure Protection unit would become a needs far more collaboration with the private sector.
The Strategy is designed to fend off attacks from terrorists. However, based on currently available evidence, online terrorism is merely a theoretical threat when compared to the amount of vandalism and theft actively carried out online.
This article was based on material originally published by ComputerWire.