February 22, 2012 — CSO

While the government may be in a rush to get the Cybersecurity Act of 2012 enacted, many in the industry are saying: not so fast.

Chief information security officers, industry analysts, and others question whether the move is needed—or even wise.

“The Federal government already has the power to put security requirements into all of its purchase requests—in fact, in many cases it already does so. This is the biggest area where the government can improve security—by driving the software and IT companies to develop more secure products,” said Gartner analyst John Pescatore.

“Not by trying to mandate security levels,” he said.MORE on SRC