El European Network and Information Security Agency (ENISA) en agosto del 2007 publico el informe: La seguridad informática y su impacto económico (Security Economics and the Internal Market).
Algunos temas tratados en el documento de 114 paginas:
Information asymmetries
- Security breach disclosure laws
. Recommendation: Breach notification
- Metrics
- Information sharing
- Information sharing recommendations
. Recommendation: Electronic crime statistics
. Recommendation: Bad traffic statistics
. Recommendation: Bad traffic statistics
Externalities
- Fixing externalities using carrots
- Fixing externalities using sticks
. Recommendation: Removal of compromised machines
Liability assignment
- Software and systems liability options
. Recommendation: Secure equipment by default
- Patching
- Consumer policy
Dealing with the lack of diversity
Fragmentation of legislation and law enforcement
No hay comentarios:
Publicar un comentario