National security officials outline hopes for US data breach notification law

National security officials outline hopes for US data breach notification law

Posted May 18, 2021

National security officials outline hopes for US data breach notification law

  • Top U.S. national security officials on Tuesday explained some ideal elements to a potential national data breach reporting law, describing the idea as one pathway to stopping massive security incidents like the SolarWinds hack.
  • A national data breach reporting law would need to be clear and concise for companies to follow it, and generally not be a huge burden, said Tonya Ugoretz, deputy assistant director of the FBI.
  • It might function as an alternative to government surveillance of private sector networks, a controversial idea previously suggested as a means of detecting cyber-espionage.
  • The irony of the renewed demand for a national law stemming from the SolarWinds hack is that FireEye demonstrated the best-case scenario in voluntarily reporting that it was compromised, alerting the federal government to the broader threat, Hickey said.

– Tim Sparks | May 18, 2021