Lets be Frank, Securing a country as devise and free as the United States is an up hill battle.
We are free to open a business and run in anyway we see fit, aside a few employee, Environmental, and Consumer regulations. Businesses Open and go out of business every day, this is what Drives the American and world Economies. No elected official is going to get in the way of that democratic, republican, conservative , Liberal, or progressive.
We have to start somewhere. Why not start at the manufactures of all Networked equipment and software. Easy place to start, Don't allow Default usernames and passwords, force consumers to setup security BEFORE than use that equipment, Force Multi Factor authentication.
Then we can move on to the next layer of the problem.
We have to start at some where, My personal view is you start at the lowest factor of the Software Stack, which is hardware and work your way up. But in reality is better to start SOMEWHERE Focused than continue on with the Reactive Nature of todays Laws and Security.
Well not a great example MCI World Com. Enron. and others caused a massive change to the Accounting World, for good or bad that is what it took to get change to happen. We need to make a change before something of that level happens in the Cyber Security Realm, as Cyber Security is a real time problem, not a problem that takes years or decades to bubble to the surface with cooked books.
Read more at Woods LLP