Congress should take a comprehensive approach to cybersecurity instead of its current way of dealing with spyware, phishing, and data warehouse security on a piecemeal basis, according to the Cyber Security Industry Alliance (CSIA).
CSIA, a group of cybersecurity vendors, on Wednesday issued a report with several recommendations for Congress to consider as it weighs various proposals to protect consumers' personal data.
The group supports a federal requirement for security breach notification to preempt the many breach notification laws being passed by state lawmakers. It also recommends that any new legislation fill gaps in existing legislation, such as HIPAA and the Gramm Leach Bliley Act, instead of duplicating requirements already included in those laws.
Lawmakers should investigate incentives, such as tax benefits, to encourage companies to implement stronger cybersecurity, according to CSIA, which also suggested that Congress encourage broader use of security technologies without mandating specific solutions.
CSIA's report, "Policy Considerations for Securing Electronic Data," is available at www.csialliance.org