Go to:

July 2018
< Jun Aug >
Leaguer Email Subscription

You are not currently subscribed. Click Subscribe below to receive the Leaguer email.

Congress Considers Various Data Breach and Cybersecurity Legislation
Wednesday, April 22, 2015 6:40 AM

Sen. Kirsten Gillibrand (D-NY) discussed on Tuesday two new bipartisan bills to fight hackers. “Our approach to cybersecurity so far has been certifiably wrong,” Gillibrand said during brief remarks on the floor. “We desperately need to modernize our cyber laws.”

Sen. Mark Kirk (R-IL) is the lead on one of the bills, the Data Breach Notification and Punishing Cyber Criminals Act. The measure would raise punishments for hacking and require companies to notify customers within 30 days of discovering a data breach.

The other bill, the Cybersecurity Information Sharing Credit Act, would give companies a tax credit for sharing cyber threat data with other businesses in their industry. Sen. Jim Moran (R-KS) is also backing the measure.

The bills “would help to modernize the way this country approaches cybersecurity,” Gillibrand said. “Congress needs to get with the times and realize that the Internet is no longer a new concept.”

Congress has made cybersecurity legislation a top priority in 2015, following a series of massive data breaches at companies like Anthem, Home Depot, Target, and Sony. Both chambers have been working to move a series of bills that would encourage industry to share more cyber threat data with the government.

Lawmakers built a broad, bipartisan consent for the measures. The House is expected to pass its efforts this week, and the Senate will likely vote on its companion piece, the Cybersecurity Information Sharing Act (CISA), in the coming weeks.

But legislators have been less successful with other cyber bills. The Gillibrand-Kirk data breach notification bill is now the third iteration of Senate legislation introduced this year that would mandate some type of consumer notification following a data breach.

Sen. Bill Nelson (D-FL) has his own bill, which reflects a White House proposal. Sens. Tom Carper (D-DE) and Roy Blunt (R-MO) also released another version last week.

The Gillibrand-Kirk offering separates itself with language heightening fines and prison sentences for those found guilty of hacking.

Analysts and lawmakers admit there’s no clear route to passage for a data breach bill in the Senate. Some suspect backers might attach the measure to CISA when it hits the floor.

Gillibrand's other bill focuses on a specific portion of cyber threat data-sharing not addressed by CISA. In addition to the tax credits, the bill would establish a network of industry-specific cyber info-sharing hubs. These hubs already exist in many sectors—financial, retail—but do not necessarily exchange data between sectors.

“We have the largest defense budget in the world by far, but that hasn’t stopped our hospitals and banks from falling victim to a near constant barrage of attacks,” Gillibrand said. “We’re long overdue for a new national approach to cybersecurity.”


Source:  The Hill, 04/21/15