- Top U.S. national security officials on Tuesday explained some ideal elements to a potential national data breach reporting law, describing the idea as one pathway to stopping massive security incidents like the SolarWinds hack.
- A national data breach reporting law would need to be clear and concise for companies to follow it, and generally not be a huge burden, said Tonya Ugoretz, deputy assistant director of the FBI.
- It might function as an alternative to government surveillance of private sector networks, a controversial idea previously suggested as a means of detecting cyber-espionage.
- The irony of the renewed demand for a national law stemming from the SolarWinds hack is that FireEye demonstrated the best-case scenario in voluntarily reporting that it was compromised, alerting the federal government to the broader threat, Hickey said.
– Tim Sparks | May 18, 2021