Others say they also feel there's a sense of urgency in setting mandatory security and audit requirements that would involve stricter government oversight for industries such as electric power.

Chris Petersen, CTO at LogRhythm, says it's his personal view as someone who feels patriotic toward his country, that it's time to have effective mandatory requirements over critical-infrastructure such as the power grid and water systems.

Petersen says the situation in terms of ongoing attacks already feels like "a perpetual state of war" as attackers, possibly including nation-states, are constantly probing networks. New government regulation probably would add expense, he acknowledges, so it might be a good idea to have some sort of "subsidy" to cover that, he says. "But there needs to be some sort of auditability and enforcement."

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: emessmer@nww.com.

in Network World's Wide Area Network section.