Last week Rep. Wilson (R,SC) introduced HR 2708, a bill that
would direct the Director of National Intelligence to conduct a study on cyber-attack
standards of measurement. The preliminary findings would be reported to
Congress in 180-days and the final report within 1-year.
The Director would conduct a study (in conjunction with DHS,
DOD, and the FBI) to determine standards that could “be used to measure the
damage of cyber incidents for the purposes of determining the response to such
incidents” {§1(a)(1)}.
Those standards would “include a method for quantifying the damage caused to
affected computers, systems, and devices” {§1(a)(2)}.
Moving Forward
Wilson is not a member of the House Intelligence Committee
so it is extremely unlikely that the Committee will take up this bill for
consideration. If this ever does make it to the floor there is certainly
nothing in the bill that would raise any significant opposition.
Commentary
This is one of the sillier pieces of legislation that I have
seen. While there is certainly a place for determining the cost of a cyber-attack
it is almost certainly not an intelligence function; at least not if we are
measuring the cost in the United States.
Posts
No comments:
Post a Comment