| Main Archive Page > Month Archives > infosec-news archives |
[ISN] New Nationwide Breach Law Could Force Data-Centric Security Push
From: InfoSec News <alerts_at_nospam>Date: Tue Jun 14 2011 - 07:11:38 GMT
To: isn@infosecnews.org
By Ericka Chickowski
Contributing Writer
Dark Reading
June 13, 2011
The surge in high-impact data breaches in the first half of 2011 -- and
its resulting attention from consumers --is increasing the pressure on
federal lawmakers and regulators to introduce nationwide data breach
disclosure and protection laws.
Though no one is sure what its final language might say, a federal law
requiring companies to disclose their breaches has a better chance of
passing this year than ever before, and experts believe that enterprises
will need to bolster data-centric protection policies and monitoring
programs to ready themselves.
"It’s likely that any national data breach law will attempt to directly
address data security," says Josh Shaul, CTO for Application Security
Inc., an application security tool vendor. "This will force organizations
to change today’s perimeter-focused IT security model to pay much more
attention to protecting sensitive information where it lives in databases
and file systems."
Making the biggest waves last week was the introduction of the Personal
Data Privacy and Security Act by Senator Patrick Leahy, which among other
provisions would criminalize the cover-up of a data breach. If such a law
introduces federal criminal charges against enterprises that do not
disclose breaches in a timely manner, some experts believe that monitoring
of account activity and potential breach signs would likely grow in
importance.
[...]
___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/