National security officials outline hopes for US data breach notification law

National security officials outline hopes for US data breach notification law

  • Top U.S. national security officials on Tuesday explained some ideal elements to a potential national data breach reporting law, describing the idea as one pathway to stopping massive security incidents like the SolarWinds hack.
  • A national data breach reporting law would need to be clear and concise for companies to follow it, and generally not be a huge burden, said Tonya Ugoretz, deputy assistant director of the FBI.
  • It might function as an alternative to government surveillance of private sector networks, a controversial idea previously suggested as a means of detecting cyber-espionage.
  • The irony of the renewed demand for a national law stemming from the SolarWinds hack is that FireEye demonstrated the best-case scenario in voluntarily reporting that it was compromised, alerting the federal government to the broader threat, Hickey said.

– Tim Sparks | May 18, 2021