Time for data breach law | Wassenaar woes | Apple's new security features




Time for a federal data breach law

Last week's revelations that criminal hackers stole the records of 4 million current and former federal employees from the Office of Personnel Management are a sharp reminder of the staggering toll of data breaches in the US. Over the past 10 years, more than 5,200 data breaches have exposed almost 800 million records, including people’s names and sensitive information such as Social Security Numbers, driver’s license numbers, and medical or financial records.

During the same period, states have enacted a dizzying variety of laws requiring companies to notify consumers in the event of a breach. As a result, we have a national patchwork quilt of differing requirements that together provide decidedly uneven protection.

The lack of a uniform federal standard for data breach notification also has created an unnecessarily complex situation for companies, which must now spend more time navigating this murky legal terrain than actually protecting consumer data. Congress should act swiftly to pass a strong federal data breach law that preempts all the conflicting state laws. // Daniel Castro and Alan McQuinn

Why Apple's new security features set high bar for tech industry

Apple doubles down on security in iOS 9. The upgrades come as the company has publicly challenged federal law enforcement efforts to weaken encryption on consumer devices. // Malena Carollo

Despite billions spent, US federal agencies struggle with cybersecurity

Data breaches such as the ones at the Office of Personnel Management, Internal Revenue Service, and State Department show government networks remain dangerously exposed. // Jaikumar Vijayan 

France moves closer to adopting expansive surveillance law

The French Senate overwhelmingly passed a data collection bill on Tuesday that would give its intelligence agencies new powers to monitor phone metadata and online activities. // Colette Davidson

Passcode Influencers oppose US plan to limit export of software flaws

While the guidelines were offered in large part to help block the export of military-grade spyware to repressive regimes, 77 percent worry the new rules could hinder legitimate analysis of computer security weaknesses. // Sara Sorcher

Russian security firm becomes target of sophisticated malware campaign

Kaspersky Lab made a name for itself by identifying advanced malicious software campaigns. Now it says it was the victim of a malware campaign that some experts have linked to Israel. // Paul F. Roberts

Economic impact of NSA spying 'will far exceed $35 billion'

The Information Technology and Innovation Foundation reported in 2013 that the impact of the Edward Snowden revelations would be between $21 billion and $35 billion as foreign markets shunned domestic cloud services. Now, the ITIF says it underestimated. // ITIF

In the 1990s, France bugged Air France first-class passengers

"The idea was that business people relaxing on a long trip, and perhaps enjoying a drink or two, might discuss all manner of commercially sensitive information, oblivious to the possibility of eavesdropping. The motive was economic espionage rather than national security or antiterrorism." // The Register

Reputation matters

What’s driving companies to push for increased cybersecurity measures is less about the intellectual property the security systems are protecting, and more about the company’s reputation, a new study by the RAND Corp. found. // RAND