When most agencies within the federal government can not score a B or better, what makes you think that they can do cyber investigations? Also the idea the companies retains records for exteneded periods of time is shaddy. For one the types of records need to be identified? What if the record contains PII? Asking a vague request and mandating these types of expectation with out thinking the liabilities and ramifications of companies is a big issue. This increases a companies risk yet it could be with law mandated requirements to protect the data or insurances or bonds these companies must carry. As far as I remeber this country is built on capitalism and having too many goverment mandates and laws that affect their business can have a bottom line of doing business in the US. Geez let's aim before we shoot. I can go on and on but I think my point is well understood.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/newsbriefs/728/2466#2466