The legislative blueprint for comprehensive cybersecurity legislation would strike a critical balance between strengthening security, preserving privacy and civil liberties protection and fostering continued economic growth, an official says.
Five Democratic senators point to inconsistencies in corporate Security and Exchange Commission reporting, investor confusion and the national importance of addressing cybersecurity for the need of new guidance.
"Raising the security awareness of your workforce is your best defense against having a breach incident," says David Holtzman, who's on the federal team that enforces the HITECH Act breach notification rule.
Plan would nationalize breach notification law, set penalties for cybercrimes and protect businesses from lawsuits that share cybersecurity information with DHS as well as promote the use of cloud computing.
"Our ability to provide immediate response to vulnerabilities and threats ... is quickly establishing VA as a model of excellence for the rest of the federal government."
VA CIO Roger Baker says in testimony before a House panel.
A key factor in ensuring that information technology is available in the wake of a disaster is cross-training IT staff to handle multiple roles, says Terrell Herzig, information security officer at UAB Medicine.
Globally, countries and organizations now recognize the need for a unified approach for managing IT infrastructure services, says Marlin Pohlman of the Cloud Security Alliance. The trick is developing this new set of global standards.
"No one up here wants to stop Apple or Google from doing the incredible things that you do," Sen. Al Franken says. "What today is about is trying to find a balance between all of those wonderful benefits and the public's right to privacy."