Emmanuel Gadaix, wrote:
> What would you think of the following: let's pass some law that force the
> sysadmin of a site to comply with some security standards. Let's have
> fines for sites that are broken into.
If you deal with government information assets there already is such a
law. The EEA (Economic Espionage Act) requires due diligence with regards
to safeguarding intellectual property. At least that's how the law was
explained at NetSec (CSI) seminars last year. Looking through the EEA
documentation available on the web however doesn't turn up any specific
references to due diligence.
Roble Systems Consulting