Cybersecurity incentives, not mandates, needed

The U.S. Congress should look to provide incentives for private businesses to adopt stronger cybersecurity practices instead of creating new mandates, one information security expert told a congressional subcommittee Friday.

One role for government would be to continue to encourage the development of DNS Security Extensions, or DNSSec, a package of security fixes for the Internet Domain Name System, said Dan Kaminsky, director of penetration testing at cybersecurity vendor IOActive.

DNSSec would allow organizations to better trust Internet traffic coming from the outside, he said. "It will take some work; it will take a lot of work," Kaminsky added.

Source: "Expert: Cybersecurity incentives, not mandates, needed", Grant Gross, Retrieved on 05/02/2009 form webwereld.nl/internationaal-nieuws/57708/expert--cybersecurity-incentives--not-mandates--needed.html