Chapter 6: Security and the Law


With the rash of cyberincidents that have taken a huge financial toll on governments and businesses over the last decade , legislators began to see that laws needed to be enacted to control the Wild West environment that existed in cyberspace . Laws have been enacted to protect privacy, infrastructure, people, companies, and just about anything that uses a computer or any form of computer technology. In this chapter, we discuss the most significant of those laws and how they affect corporate operations.

6.1 The 1996 National Information Infrastructure Protection Act

In 1996, when this law was passed, legislators were presented with some startling statistics. For example, the Computer Emergency and Response Team (CERT) at Carnegie-Mellon University in Pittsburg, Pennsylvania, reported a 498 percent increase in the number of computer intrusions and a 702 percent rise in the number of sites affected with such intrusions in the three-year period from 1991 through 1994. [1] During 1994, approximately 40,000 Internet computers were attacked in 2,460 incidents. Similarly, the FBI's National Computer Crime Squad opened more than 200 hacker cases from 1991 to 1994.

Before passing this law, legislators realized that there are two ways, conceptually, to address the growing computer crime problem. The first would be to comb through the entire U.S. Code, identifying and amending every statute potentially affected by the implementation of new computer and telecommunications technologies. The second approach would be to focus substantive amendments on the Computer Fraud and Abuse Act to specifically address new abuses that spring from the misuse of new technologies. The new legislation adopted the latter approach for a host of reasons, but the net effect of this approach was set revamping of our laws to address computer- related criminal activity. The full text of the legislative analysis can be found on the Web. [2]

With these changes, the United States stepped into the forefront of rethinking how information technology crimes must be addressed ” simultaneously protecting the confidentiality, integrity, and availability of data and systems. By choosing this path , the hope was to encourage other countries to adopt a similar framework, thus creating a more uniform approach to addressing computer crime in the existing global information infrastructure.




Wireless Operational Security
Wireless Operational Security
ISBN: 1555583172
EAN: 2147483647
Year: 2004
Pages: 153

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net