President Obama has introduced three legislative proposals that would bolster cybersecurity efforts and protection, according to the White House.
The first proposal updates a previously drafted law that would better enable cybersecurity information sharing between the government and the private sector. The proposal encourages the private sector to share cyber threat information with the Department of Homeland Security's National Cybersecurity and Communications Integration Center, which would then share the information with relevant federal agencies and private sector-operated analysis organizations to provide targeted liability protection.
Additionally, the legislation would require private organizations to adhere to a number of privacy restrictions, such as removing unnecessary personal information and protecting personal information that must be shared in order to qualify for liability protection.
The White House outlined another updated proposal on security breach reporting. The updated proposal simplifies and standardizes data breach reporting requirements nationwide into one federal statute. Currently 46 states have their own laws and requirements. A CIO report says the updated proposal allows organizations within 30 days of being hacked to notify affected customers.
President Obama also introduced a new bill that would allow law enforcements to prosecute those who sell botnets — collections of Internet-connected programs that continuously communicate with one another — and criminalize selling stolen U.S. financial information overseas.
While healthcare already has its own sets of laws regarding data breach notification and protected health information, the White House appears to be announcing these proposals as the threat of cyber attacks looms in other industries as well, largely spurred by the recent attack on Sony Pictures.
More articles on cybersecurity:
Who should be held responsible for device cybersecurity?
University at Albany home to new cybersecurity, data breach research library
Missing health data among ECRI's top 10 safety risks