
Wednesday, November 18, 2015

Security of software

“The primary objective of FDA’s India Office, is to ensure that food and medical products exported from India to the US are safe, of good quality, and are effective.”

Today’s internet-dependent economies demand the same level of safety from software that humans expect from medicines? However, when the world is focused on mitigating[mi-ti,geyt(lessen,कमी)] the pernicious[pu'ni-shus(deadly,घातक)] and hugely expensive episodes of cyber attacks, the US seeks to impose controls on exports of cyber security products and services by implementing the Wassenaar changes. To recall, in December 2013, the Wassenaar Arrangement extended its reach to the cyber world.

It was unsurprising, then, that the US technology sector vociferously[vow'si-fu-rus-lee(in a loud manner,शोरगुल के साथ)] opposed the proposals of the US Department of Commerce, Bureau of Industry and Security, for the implementation of the Wassenaar changes. The Department has since committed to drafting new rules to replace/amend the earlier draft.

Setting up FDA type software security offices in key countries exporting software to the US might well benefit the US more than imposing controls on exports of cyber security products. While the Wassenaar Arrangement might have worked in the physical world, will it work in the borderless cyber world?
And especially at a time when it is facing economic headwinds and under sanctions from the US and the EU? It does not seem to be in Russia’s interest at all, given its enormous[i'nor-mus(big,बड़ा)] strengths in the cyber security area and the huge market for such products.

Interestingly, according to The Economist, Israel now earns more from exports of internet security products than from arms sales.

According to Experian, the compromise of an internal server exposed names, dates of birth, addresses, social security numbers and/or drivers’ license numbers, as well as additional information used in T-Mobile’s own credit assessment. The vulnerability[vúl-nu-ru'bi-lu-tee(weakness,कमज़ोरी)] in the internal server could well have come from source code developed by firms outside the US or from use of data centres in other countries.

While such suppliers may well have local software security compliance certification, the quality of certification is suspect.

Compliance certification is more of a box-ticking exercise. As such, the US should adopt the FDA model for the software sector, and a country like India, which is a large exporter of software to the US, would be an ideal location to pilot the onshore software policeman model.
