CISPA Passes House: What's Next? - InformationWeek
IoT
IoT
Comments
CISPA Passes House: What's Next?
Oldest First  |  Newest First  |  Threaded View
Bprince
50%
50%
Bprince,
User Rank: Apprentice
4/28/2012 | 3:27:58 PM
re: CISPA Passes House: What's Next?
@readers - do you agree with the EFF that the language should be stronger when it comes to the liability of businesses?
Brian Prince, InformationWeek/Dark Reading Comment Moderator
MyW0r1d
50%
50%
MyW0r1d,
User Rank: Strategist
4/28/2012 | 11:44:23 PM
re: CISPA Passes House: What's Next?
The portion referenced in the article attributed to EFF does not make it clear if that is the current wording or the modified. I would say that any company where prior knowledge of a security flaw that went unresolved and was material to the loss of personal data should be held liable. I do not understand how any company could use a good faith defense (faith that they chose the risk of not having an incident as acceptable).

The amount of information they are holding is frightening. I called my bank recently to make an inquiry. Before proceeding, I was asked to identify from the five cities that they would list which one had some relationship to my "family." Naturally, I expected a personal list. My surprise when the only one identifiable was the Georgia residence (population 500) of a brother's short term, second wife divorced at least ten years prior (my families origins are on the other side of the US). Thank goodness I remembered but I was equally certain to have never listed it on any of my personal history forms. How and what kind of family history are banks assembling, storing, and what is reasonable retention? If this kind of detail was obtained through a cyber break in, it is clear how easily identity theft could be effected. I am far more concerned on the commercial institutions use and security of my personal data than that of the government's.


How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll