Kevin Beaver's Security Blog

Has Sarbanes-Oxley failed us?

….no, surely not!? But then again…

Those of us in IT and information security know all about Sarbanes Oxley. You know the Public Company Accounting Reform and Investor Protection Act of 2002 that our Imperial Federal Government put in place back in 2002…?

That was then…now look at the mess we’re in. Lehman Brothers, AIG, Fannie Mae, Freddie Mac – all living proof that Sarbanes Oxley is a failed piece of reactive legislation. Now we’re talking about every day people – me and you – having to pay $700 billion to bail out these failures all because of bad policies. And our government going to do a better job of running things? Ha!

There’s also HIPAA, GLBA, PCI and many many other regulations affecting our work that many business leaders don’t know (or care) about…When’s the fallout from these going to occur? Probably in a few years when some new bureaucrat touting “change” wants to buy a few votes.

I’ve got a bad taste in my mouth: compliance.

Too bad business leaders can’t do what’s right. Furthermore, too bad people can’t think long term and realize the consequences of knee-jerk reactions like what our government “leaders” are attempting to put in place now. Just like Sarbanes-Oxley back in 2002.

Things that affect us in our work and affect us in our economy could be worked out in a free market. I think those days are gone. Probably more job security for those of us in this field but too bad for the good old U.S. of A.