BreachExchange mailing list archives

New Nationwide Breach Law Could Force Data-Centric Security Push


From: security curmudgeon <jericho () attrition org>
Date: Tue, 14 Jun 2011 02:25:53 -0500 (CDT)



---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.darkreading.com/database-security/167901020/security/security-management/230600093/new-nationwide-breach-law-could-force-data-centric-security-push.html

By Ericka Chickowski
Contributing Writer
Dark Reading
June 13, 2011

The surge in high-impact data breaches in the first half of 2011 -- and
its resulting attention from consumers -- is increasing the pressure on
federal lawmakers and regulators to introduce nationwide data breach 
disclosure and protection laws.

Though no one is sure what its final language might say, a federal law 
requiring companies to disclose their breaches has a better chance of 
passing this year than ever before, and experts believe that enterprises 
will need to bolster data-centric protection policies and monitoring 
programs to ready themselves.

"It's likely that any national data breach law will attempt to directly
address data security," says Josh Shaul, CTO for Application Security
Inc., an application security tool vendor. "This will force organizations
to change today's perimeter-focused IT security model to pay much more
attention to protecting sensitive information where it lives in databases 
and file systems."

Making the biggest waves last week was the introduction of the Personal 
Data Privacy and Security Act by Senator Patrick Leahy, which among other 
provisions would criminalize the cover-up of a data breach. If such a law 
introduces federal criminal charges against enterprises that do not 
disclose breaches in a timely manner, some experts believe that monitoring 
of account activity and potential breach signs would likely grow in 
importance.

[...]

_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list
