Skip Navigation

Report Recommends Punishing Firms with Loose Information Security

Bookmark and Share

Institutions and companies who are victims of hacking attacks due to poor data security policies should be penalized, suggests a report from the new Congressional Research Service (CRS). The report, titled "Terrorist Capabilities for Cyberattack," also suggests mandating that computer product vendors immediately report all serious vulnerabilities to the Homeland Security Department (DHS) as well as any vulnerabilities that have already been exploited. The report warns that increased physical security measures are forcing terrorists to recruit people with computer, engineering, and mathematics skills in order to get past the current protections. The report points to an IBM study showing a 50 percent increase of hacking incidents so far this year, with most attacks focusing on federal agencies and U.S. enterprises. The CRS also urges an increase in cooperation among international experts as well as a focus on strengthening organizations and enterprises against cyberterrorism.