Congress Considers Cybersecurity Legislation
As the U.S. Congress reconvened after a month-long break, legislation imposing cybersecurity requirements on private industry, including a proposal that would require public companies to report their cybersecurity efforts, may be on the way.
No bill has been introduced yet, but one proposal being considered would require companies to fill out a cybersecurity checklist in their filings with the U.S. Securities and Exchange Commission. Representative Adam Putnam, chairman of the House Government Reform Committee's Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census, will consider introducing such a bill late this year, according to Bob Dix, the subcommittee's staff director.
While antispam legislation will continue to be the major technology focus in Congress this fall, Putnam's subcommittee looked at the pluses and minuses of a cybersecurity reporting requirements, similar to SEC accounting reporting requirements mandated in the Sarbanes-Oxley Act of 2002, Dix said.
Such laws would raise awareness of cybersecurity issues above the CIO level to CEOs, while likely avoiding specific cybersecurity requirements that may not fit all businesses, said Daniel Burton, vice president of government affairs for security vendor Entrust.
Different companies have different security needs and different risks, however, so it is impossible to set up a mandate that works well for everyone.
The bill would be intended to raise cybersecurity awareness among top-level executives at companies.
If such a bill is introduced, the subcommittee would expect some opposition. Their guess is there will be some who say anything that the government proposes is a great burden.
But Congress may feel the need to act on cybersecurity legislation if more viruses or worms are unleashed onto the Internet, said Robert Housman, a lawyer in the homeland security practice of the law firm Bracewell & Patterson LLP in Washington, D.C. In the past month, the Sobig and Blaster worms infected computers worldwide, causing millions of dollars in damage, and Congress may be compelled to take some action, Housman predicted.
There are a number of things that are working together that are going to result in some form of legislation on cybersecurity. As we all know, there are already many new areas that are being approached and handled daily.
In addition to viruses and worms, the number of attacks on company networks continue to climb.
On top of all that, there is a perception, right or wrong, among a lot of the regulators and congressional members that not enough is happening on the cyber front, that companies still remain vulnerable. Because of that, there is a growing impetus to legislate or regulate.
Expect to see some sort of cybersecurity legislation getting serious attention in Congress this and next year.
If you run a major business, there is no doubt that you're getting attempts to break into your system on a fairly regular basis. When you start having to report those numbers, if that's one of the things (the legislation) does, that could certainly make some of your shareholders a little queasy.
You will find much more on this topic at WorldsLargestNetwork.com
| |||||||
 | |||||||
| |||||||
| |||||||
| |||||||
|
WorldsLargestNetwork.com
