CHKP Check Point Software Technologies Inc

Cyber Security Industry Alliance Provides Policy Guidance for Securing Electronic Data CSIA Offers Congress Recommendations as National Policies are Developed for the Privacy and Protection of Personal Information WASHINGTON, April 20 /PRNewswire/ -- Cyber Security Industry Alliance (CSIA), the only CEO-led public policy and advocacy group exclusively focused on cyber security policy issues, today released a report, "Policy Considerations for Securing Electronic Data," outlining policy considerations and technical safeguards for Congress to consider as it works to help protect consumers' personally identifiable information. The security breaches at ChoicePoint, Lexis Nexis and a number of U.S. universities and colleges have led Congress to address identity theft with new legislation. CSIA supports aspects of different bills which have been introduced, such as federal preemption for breach notification, as well as various provisions that call for best practices regarding authentication, encryption and monitoring. "Every breach of personal information is another reason for consumers to lose trust in our information systems," said Paul Kurtz, executive director of CSIA. "We believe the right approach to securing consumers' sensitive data requires a blend of appropriate policies, technical expertise and security technologies. Congress must put in place national policies for reducing identity theft, protecting consumer privacy and ensuring the safekeeping of personally identifiable information." Current legislation under consideration includes: the Information Protection and Security Act (S.500 and H.R. 1080, introduced by Sen. Nelson and Rep Markey), the Schumer-Nelson Identity Theft Prevention bill (S.768) and Senator Feinstein's Notification of Risk to Personal Data (S.751). More legislation is expected to be introduced. In its report, CSIA strongly advises Congress to establish a set of national policies in conjunction with the private sector for the protection and privacy of personal information, including a framework for protection by denoting areas of risk, security solution requirements and best practices. CSIA asks Congress to consider the following recommendations: * Take a comprehensive approach to addressing cyber security issues. Currently, Congress is considering cyber security problems such as spyware, phishing, and data warehouse security on an individual basis. * CSIA supports federal preemption of the multitude of breach notification laws being passed in State legislatures. * CSIA encourages the investigation of incentives, such as tax benefits, to encourage businesses to implement stronger cyber security. * Harmonize any new legislation with existing legislation at the federal level, filling gaps rather than duplicating requirements already contained in existing law, such as Gramm Leach Bliley Act (GLBA), the Health Insurance Portability and Accounting Act (HIPAA) and the Fair Credit Reporting Act (FCRA). Use existing security standards wherever possible, rather than creating new ones. * Encourage broader use of security technologies without mandating specific technology solutions. Urge adoption of the approach utilized in CA 1386 which calls for disclosure of a breach involving unencrypted data. * Advocate for the Senate ratification of the Council of Europe's Treaty on Cyber-Crimes, which assures the public that appropriate laws and procedures will be available to prosecute cyber-criminals on a global basis. CSIA also recommends that ensuring security and privacy requires protecting the storage of information, such as names, addresses, social security numbers, dates of birth and credit reports, as well as protecting the movement of data to and from the data warehouse. Technical safeguards must be considered at three levels, including data storage security, systems security and network security. To obtain a complete copy of CSIA's "Policy Considerations for Securing Electronic Data," please visit http://www.csialliance.org/. About CSIA Launched in February 2004 by a group of cyber security software, hardware and services companies, the CSIA is an advocacy group whose mission is to enhance cyber security through public policy initiatives, public sector partnerships, corporate outreach, academic programs, alignment behind emerging industry technology standards and public education. The CSIA is the only CEO public policy and advocacy group comprised exclusively of security software, hardware and service vendors that is addressing key cyber security issues. Members of the CSIA include BindView Corp. (NASDAQ:BVEW); Check Point Software Technologies Ltd. (NASDAQ:CHKP); Citadel Security Software Inc. (NASDAQ:CDSS); Citrix Systems, Inc. (NASDAQ:CTXS); Computer Associates International, Inc. (NYSE:CA); Entrust, Inc. (NASDAQ:ENTU); Internet Security Systems Inc. (NASDAQ:ISSX); iPass Inc. (NASDAQ:IPAS); Juniper Networks, Inc. (NASDAQ:JNPR); McAfee, Inc. (NYSE:MFE); PGP Corporation; Qualys, Inc.; RSA Security Inc. (NASDAQ:RSAS); Secure Computing Corporation (NASDAQ:SCUR), Symantec Corporation (NASDAQ:SYMC) and TechGuard Security, LLC. To learn more about the CSIA, please visit our Web site at http://www.csialliance.org/ or call +1-703-894-2742. DATASOURCE: Cyber Security Industry Alliance CONTACT: Michelle Schafer of Merritt Group, +1-703-390-1530, or , for the Cyber Security Industry Alliance Web site: http://www.csialliance.org/

Copyright