A Flurry of Cyber Security Legislation in Washington

Sue Marquette Poremba
Slide Show

Five Warning Signs Your Security Policy Is Lacking

Warning signs of a weak security policy from SunGuard Availability Services.

We know that President Obama has made a big push toward improving the nation's approach to cyber security and electronic privacy issues. Now it looks like Congress has joined in and is taking a serious interest in these issues.

California Rep. Mary Bono Mack drafted a bill that would require companies that have suffered a data breach to notify law enforcement within 48 hours. However, the bill as it stands now wouldn't require those companies to notify customers as quickly. Instead, they'd have a 48-hour notification period after the company finished its assessment. A number of her colleagues in the House didn't agree on the long wait time for companies to notify the public of a problem. Part of the notification time concern stems from the backlash to recent breaches, like Sony and Citigroup, and the length of time that passed between the breach and alerting customers.

However, a change may be in the works. Reuters reported:

Chairman Bono Mack is open to the idea of making sure that there's a drop-dead certain time that companies have to report a breach," said Ken Johnson, Bono Mack's senior policy adviser on the issue.

A House bill introduced this week would require law enforcement to get a search warrant in order to track someone's location through a mobile device. The Senate introduced a similar bill, which adds a provision that a warrant would be needed to retrieve email stored on servers.

Another new Senate bill also deals with location privacy on mobile phones. According to an article in The Wall Street Journal:

[The bill introduced] by Democratic Sens. Al Franken of Minnesota and Richard Blumenthal of Connecticut would require companies like Apple and Google, as well as the makers of applications that run on their devices, to get a user's consent before sharing information with outsiders about the location of a mobile device.

Add Comment      Leave a comment on this blog post
Sep 20, 2011 7:14 AM Octavian Paler Octavian Paler  says:

While it is true that the same control systems are often used across multiple industries for developing antivirus security software, it is not necessarily true that these systems are used in the same way in those industries. It is the nature of the underlying process and the requirements for its safe operation that are more of a determining factor than the nature of the technology or product used, at least in my experience.


Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.