• No events
AEC v1.0.4

Cyber Security Info

Another attempt to adopt U.S. cyber security law

December 13, 2013

Share Button

Another (fourth) initiative to adopt cyber security law has been made in U.S. Congress. After the failure of the original law in summer 2012, the U.S. Administration went the way of President Obama’s Executive Decision and voluntary NIST standards. However, it seems that no one believes that such solution would be satisfactory. Several other attempts to made cyber security standards obligatory have been made. The last one, by Senator Jay Rockefeller seem to have failed recently.

The Homeland Security Committee now comes with another attempt of cyber security legislation called National Cybersecurity and Critical Infrastructure Protection Act. It removes the most controversial parts of the previous drafts (obligation of private companies to report cyber security incidents) but also does not refer to the NIST’s Cyber Security Standards. Its main purpose is to establish Department of Homeland Security as a body responsible inside the administration for cyber security. DHS should cooperate as “an equal partner“ with private companies, provide them with information on latest threats and upon request also with assistance in risk assessment, incident handling and mitigation.

Source: FierceGovernmentIT

Share Button