Members of the Business Software Alliance (BSA) have called on the U.S. Congress to pass legislation that would address new types of cybercrimes and increase funding for law enforcement.
Members of the BSA asked Congress to pass the Cyber-Security Enhancement Act, which would expand the computer crimes statute in US federal law to include the stealing of access codes or electronic identifiers from a computer. The bill would also make it a crime to access a computer without authorization, even if the access does not cause damage, and it would define a new crime of conspiracy to commit cybercrime.
U.S. computers have "never been so vulnerable to attack," said Art Coviello, president of the RSA security division of EMC. In many cases, the vulnerabilities come from companies and individuals needing to share more and more information with others, "without understanding the risks," he said.
Companies and individual computer users need to rethink the way they address security, said Coviello, speaking at a BSA forum. Computer users need to reject popular beliefs that security can be bolted on to software after it's developed and that security can be accomplished with a perimeter defense, he said.
Cybersecurity needs to become more granular, and organizations must begin to prioritize what information they need to keep most safe, Coviello said. "Security needs to adapt to facts and circumstances," he said.
Coviello criticized Congress, saying it only focuses on cybersecurity for a short time each year, when U.S. agency cybersecurity grades come out. In the following weeks, some members of Congress will get up in arms about all the bad grades, then forget about the issue, he said.
But what U.S. agencies need is funding for cybersecurity efforts, he said.
"Give money, not lectures," Coviello said. "Then you can hold people accountable."
The Cyber-Security Enhancement Act, introduced in May, would also give an additional US$10 million a year to three U.S. government agencies that fight cybercrime.
Representative Steve Chabot, a Republican and co-sponsor of the bill, told the BSA that more laws are needed to fight organized cybercrime.
"The rise in the number of sophisticated cybercrimes ... shows that we need to do more to protect individuals and businesses," Chabot said. "These cyberattacks are becoming increasingly sophisticated."