The document discusses different paradigms for responding to cybersecurity incidents: the current government paradigm of threat information sharing in secret; an alternative model from the National Transportation Safety Board for investigating incidents publicly to improve safety; and whether an "information is safety" model from analyzing failures is more appropriate than a "war" paradigm. It notes that secrecy prevents markets from functioning properly while transparency can help address issues.
3. The current government paradigm
- Threat information
- Attack signatures and attack sources
- Collected by government and industry
- Shared in secret
- BONUS: Maybe with your personal data too.
8. NTSB Incident Reports
- Designed to learn from incidents and improve
- Root cause analysis
- Recommendations
- Public investigation for serious incidents
- Follows the sound engineering principle of learning from failures.
9. Outcome is Safety Recommendations and Safety Alerts
"Recommendations are sent to the organization best able to address the safety issue, whether it is public or private."
15. Is the InfoSec paradigm closest to safety?
Alex Stamos comments, "A secure system is safe if it is operated correctly. A safe system is safe if it is operated."
I'll add the unspoken, "even in the presence of an attacker."
17. If we use war as a paradigm we will learn from and operate like the military.
#3: Do we want a military and intelligence community vision of information sharing? Or do we treat information risk as a health and safety issue?
#5: CDC - Mandatory Reporting of Infectious Diseases by Clinicians
Under the OSHA Recordkeeping regulation (29 CFR 1904), covered employers are required to prepare and maintain records of serious occupational injuries and illnesses, using the OSHA 300 Log. This information is important for employers, workers and OSHA in evaluating the safety of a workplace, understanding industry hazards, and implementing worker protections to reduce and eliminate hazards.
Dangerous Products (Section 15) - Manufacturers, importers, distributors, and retailers are required to report to CPSC under Section 15(b) of the Consumer Product Safety Act (CPSA) within 24 hours of obtaining information which reasonably supports the conclusion that a product does not comply with a safety rule issued under the CPSA, or contains a defect which could create a substantial risk of injury to the public or presents an unreasonable risk of serious injury or death, 15 U.S.C. § 2064(b). Companies can use our on-line form to report a potentially defective or hazardous product.
NTSB: Federal regulations require operators to notify the NTSB immediately of aviation accidents and certain incidents. An accident is defined as an occurrence associated with the operation of an aircraft that takes place between the time any person boards the aircraft with the intention of flight and all such persons have disembarked, and in which any person suffers death or serious injury, or in which the aircraft receives substantial damage. An incident is an occurrence other than an accident that affects or could affect the safety of operations. (See 49 CFR 830.)
#6: First commercial air traffic in the 1920's. NTSB created in 1938. About 20 years after commercial air transport begins, formal incident investigation begins. We are about 23 years into the internet era and incident investigation is fragmented.
#10: Safety Recommendations
Safety recommendations are issued by the NTSB following the investigation of transportation accidents and the completion of safety studies. Recommendations usually address a specific issue uncovered during an investigation or study and specify how to correct the situation. Letters containing the recommendations are sent to the organization best able to address the safety issue, whether it is public or private.
Safety Alerts
Take action to improve your safety and the safety of your family and friends by following the suggestions in these NTSB Safety Alerts. NTSB Safety Alerts provide safety information you can use, and urge you to encourage lawmakers to improve safety at the State level.
#12: Is getting Conficker in 2016 an attack or an accident, or is it like catching a disease?
#13: Aren't most security incidents closer to getting cholera than getting attacked? They are incidents of opportunity.
Dan Geer says to look at systems as an ecosystem where organisms survive in an available niche. A vulnerable system is a niche.
#14: Aren't most security incidents closer to getting cholera than getting attacked? They are incidents of opportunity.
Dan Geer says to look at systems as an ecosystem where organisms survive in an available niche. A vulnerable system is a niche.
The organism might consume your resources: algae in a pond, locusts eating your crops, cholera might kill you. These organisms are looking out for themselves, but they might harm you.
#15: An unsafe system when used as it is intended will have bad consequences. Creating heat around a flammable object might cause a fire if it isn't done safely. Exchanging data on the internet might lead to a compromised system if not done safely.
#18: Surveillance state. Centralized governmental power over information security.
#21: Public companies would need to disclose cybersecurity expertise at board level in SEC docs.
If they can't, they have to disclose how cyber risk is governed and why what they are doing is OK.
These help transparency and can unlock market forces of liability and insurance.
#23: Why are consumers of software asking this question? We are starting to see it in enterprises and financial services.