Task force backs US security breach disclosure laws

June 10, 2011
Cyber Security, FedCyber Wire
No Comment

via IT News

A US task force has backed calls for the introduction of national laws that would require firms to notify the public of cyber security breaches.

The task force, operating under the US Department of Commerce, noted that while state laws had been successful in getting private sector organisations focused on security, “the differences among these state laws present undue costs to American businesses”.

“A legislated and comprehensive national approach to commercial data breach will provide clarity to individuals regarding the protection of their information throughout the United States, streamline industry compliance, and allow businesses to develop a strong, nationwide data management strategy,” the task force said.

It was supportive of disclosure laws because they served as a “light handed negative incentive… to encourage firms to better secure the personal information that they hold about individuals and take steps to prevent the breaches that cause them.”

The proposed national law is part of sweeping reforms announced by the Obama administration in May.

Such laws have been talked about in the United States for several years.

A series of recent high-profile security breaches have put the issue firmly back on the political agenda.

Continued here.