Task Force Aims to Protect Online Business

Voluntary Conduct Codes to Address Internet Security
Task Force Aims to Protect Online Business
The Department of Commerce's Internet Policy Task Force has proposed a new framework for addressing the sharp rise in cyberattacks on Internet commerce, including vital businesses and government agencies that aren't part of the nation's critical IT infrastructure.

The newly released green paper, titled "Cybersecurity, Innovation and the Internet Economy," urges the federal government and businesses to come together to promote security standards to address emerging threats. These include thousands of new malware and viruses rising up each day. "While securing energy, financial, health and other resources remain vital, the future of the innovation and the economy will depend on the success of Internet companies and ensuring that these companies are trusted and secure is essential," Commerce Secretary Gary Locke said in the introduction of the green paper.

The task force's framework provides for four key areas:

  • Create a nationally recognized approach to minimize vulnerabilities for the Internet and information innovation sector. This approach includes a code of standards all participating entities should follow, applicable to organizations of different sizes and types. The task force is also pushing for an accelerated promotion of automation in security, where security and compliance can be constantly updated.
  • Develop incentives for the sector to combat cybersecurity threats. These incentives include security disclosure in the shape of a national cyber-breach notification law. Also, information sharing between public/private partnerships is encouraged.
  • Research the development of a better cost/benefit analysis on cybersecurity measures. Better targeted awareness efforts need to be implemented to educate companies and consumers.
  • Continue international collaboration to promote research, development, best practices and threat information to better advance cybersecurity standards.

In the next month and a half, Commerce hopes to receive suggestions from industry to formalize the Internet security framework that includes the development of security tools that can be used voluntarily.

Once standards are in place, how will the task force know their policies are successful? "You measure success by getting measures that actually work," says Ari Schwartz, a task force member who's a senior Internet policy adviser at the National Institute of Standards and Technology, a Commerce unit "Pick standards that would be quickly implemented."

By taking a voluntary approach to implementing Internet security standards, the task force hopes companies will come together and agree on a code of conduct, particularly with disclosure. "The downside is people will be singled out for not standing up with us, but that's an incentive as well," Schwartz says.

Besides NIST, the task force includes experts from the Economic and Statistics Administration, International Trade Administration, National Telecommunications and Information Administration and U.S. Patent and Trademark Office as well as the office of the Commerce secretary.

About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.