Home > Security News > Industry group uses awareness month to lobby for data breach laws
Security News:
EMAIL THIS LICENSING & REPRINTS

Industry group uses awareness month to lobby for data breach laws

By Robert Westervelt, News Editor
08 Oct 2007 | SearchSecurity.com

Security Wire Daily News
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google

The Cyber Security Industry Alliance, a trade group made up of US-based security vendors, is in full gear to pressure members of Congress to enact data security and breach legislation.

The organization said it is using the National Cyber Security Awareness Month during the month of October to meet with congressional officials.

"CSIA and its member companies will spend much of the month seeking to educate members of Congress both in their Capitol Hill offices, and back in their district offices during congressional recesses, on the importance of making national data security and breach notification legislation a priority for enactment in the 110th Congress," the organization said in a statement.

Data security breaches:
UK group pushes for stiff data security breach laws: A group representing technology firms is pushing UK lawmakers to pass breach notification laws and data protection rules.

As data breaches snowball, IT pros look for answers: The Privacy Rights Clearinghouse says more than 166 million IDs have been compromised to date. IT professionals are seeking ways to ensure their companies don't add to the tally.

TJX should have had stronger Wi-Fi encryption, say Canadian officials: TJX Cos. should have moved faster to upgrade its Wi-Fi security from WEP encryption to WPA encryption, say Canadian officials.

Gap security breach exposes data on 800,000: The latest retailer to suffer a security breach is Gap Inc., which blames the exposure of data on 800,000 job applicants on a third-party vendor that manages the information.

A number of industry and consumer groups are pushing for data breach notification laws, calling for strict data protection rules and stiff penalties to force companies to better lock down their data. The massive data security breach at Framingham, Mass.-based TJX Cos. helped fuel the movement. Data breaches have become more public in recent years as a result of legislation in more than a dozen states that require companies and government agencies to notify consumers if their data is lost.

CSIA was launched in February 2004 as a public policy association and has been working with the U.S. Congress on the data security and other policy issues since its founding. RSA, a division of EMC, CA Inc., Symantec, and F-Secure Corp. are among the members of the alliance.

The CSIA criticized Congress for failing to pass a comprehensive data security law in 2006 requiring companies with data breaches to notify victims.

The group is calling for a law that emphasizes encryption. The group said the law would apply equally to all government agencies and businesses that collect and maintain personal information of consumers.

"By using the right technology and key security practices, consumers and businesses can not only protect their computers, identities and information from cyber criminals, but also play a proactive role in helping protect the nation's critical infrastructure from man-made threats," said Ron Teixeira, executive director, NCSA in a statement.

The movement for tougher laws in the United States is also growing globally. A trade association representing hundreds of technology firms in the UK is also pushing lawmakers there to develop a breach notification law and rigorous data protection rules. The group, called Intellect, has formed a data breach notification working group and is monitoring the affect of US-based data protection rules.

The Privacy Rights Clearinghouse, which tracks data breaches, says more than 166 million IDs have been compromised to date. Some IT pros say that government regulations and PCI DSS are already helping drive the need for better technology to protect systems containing consumer data.



Tags: Data Security Breach Laws and NotificationIdentity Theft and Data Security BreachesData PrivacyHIPAAFISMAPCI Data Security StandardSarbanes-Oxley ActVIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google




More Tips to Secure Your Network
Focused on Channel Security?
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts