Cyber Security Industry Alliance Provides Policy Guidance for Securing Electronic Data
April 20 2005 - 10:26AM
PR Newswire (US)
Cyber Security Industry Alliance Provides Policy Guidance for
Securing Electronic Data CSIA Offers Congress Recommendations as
National Policies are Developed for the Privacy and Protection of
Personal Information WASHINGTON, April 20 /PRNewswire/ -- Cyber
Security Industry Alliance (CSIA), the only CEO-led public policy
and advocacy group exclusively focused on cyber security policy
issues, today released a report, "Policy Considerations for
Securing Electronic Data," outlining policy considerations and
technical safeguards for Congress to consider as it works to help
protect consumers' personally identifiable information. The
security breaches at ChoicePoint, Lexis Nexis and a number of U.S.
universities and colleges have led Congress to address identity
theft with new legislation. CSIA supports aspects of different
bills which have been introduced, such as federal preemption for
breach notification, as well as various provisions that call for
best practices regarding authentication, encryption and monitoring.
"Every breach of personal information is another reason for
consumers to lose trust in our information systems," said Paul
Kurtz, executive director of CSIA. "We believe the right approach
to securing consumers' sensitive data requires a blend of
appropriate policies, technical expertise and security
technologies. Congress must put in place national policies for
reducing identity theft, protecting consumer privacy and ensuring
the safekeeping of personally identifiable information." Current
legislation under consideration includes: the Information
Protection and Security Act (S.500 and H.R. 1080, introduced by
Sen. Nelson and Rep Markey), the Schumer-Nelson Identity Theft
Prevention bill (S.768) and Senator Feinstein's Notification of
Risk to Personal Data (S.751). More legislation is expected to be
introduced. In its report, CSIA strongly advises Congress to
establish a set of national policies in conjunction with the
private sector for the protection and privacy of personal
information, including a framework for protection by denoting areas
of risk, security solution requirements and best practices. CSIA
asks Congress to consider the following recommendations: * Take a
comprehensive approach to addressing cyber security issues.
Currently, Congress is considering cyber security problems such as
spyware, phishing, and data warehouse security on an individual
basis. * CSIA supports federal preemption of the multitude of
breach notification laws being passed in State legislatures. * CSIA
encourages the investigation of incentives, such as tax benefits,
to encourage businesses to implement stronger cyber security. *
Harmonize any new legislation with existing legislation at the
federal level, filling gaps rather than duplicating requirements
already contained in existing law, such as Gramm Leach Bliley Act
(GLBA), the Health Insurance Portability and Accounting Act (HIPAA)
and the Fair Credit Reporting Act (FCRA). Use existing security
standards wherever possible, rather than creating new ones. *
Encourage broader use of security technologies without mandating
specific technology solutions. Urge adoption of the approach
utilized in CA 1386 which calls for disclosure of a breach
involving unencrypted data. * Advocate for the Senate ratification
of the Council of Europe's Treaty on Cyber-Crimes, which assures
the public that appropriate laws and procedures will be available
to prosecute cyber-criminals on a global basis. CSIA also
recommends that ensuring security and privacy requires protecting
the storage of information, such as names, addresses, social
security numbers, dates of birth and credit reports, as well as
protecting the movement of data to and from the data warehouse.
Technical safeguards must be considered at three levels, including
data storage security, systems security and network security. To
obtain a complete copy of CSIA's "Policy Considerations for
Securing Electronic Data," please visit
http://www.csialliance.org/. About CSIA Launched in February 2004
by a group of cyber security software, hardware and services
companies, the CSIA is an advocacy group whose mission is to
enhance cyber security through public policy initiatives, public
sector partnerships, corporate outreach, academic programs,
alignment behind emerging industry technology standards and public
education. The CSIA is the only CEO public policy and advocacy
group comprised exclusively of security software, hardware and
service vendors that is addressing key cyber security issues.
Members of the CSIA include BindView Corp. (NASDAQ:BVEW); Check
Point Software Technologies Ltd. (NASDAQ:CHKP); Citadel Security
Software Inc. (NASDAQ:CDSS); Citrix Systems, Inc. (NASDAQ:CTXS);
Computer Associates International, Inc. (NYSE:CA); Entrust, Inc.
(NASDAQ:ENTU); Internet Security Systems Inc. (NASDAQ:ISSX); iPass
Inc. (NASDAQ:IPAS); Juniper Networks, Inc. (NASDAQ:JNPR); McAfee,
Inc. (NYSE:MFE); PGP Corporation; Qualys, Inc.; RSA Security Inc.
(NASDAQ:RSAS); Secure Computing Corporation (NASDAQ:SCUR), Symantec
Corporation (NASDAQ:SYMC) and TechGuard Security, LLC. To learn
more about the CSIA, please visit our Web site at
http://www.csialliance.org/ or call +1-703-894-2742. DATASOURCE:
Cyber Security Industry Alliance CONTACT: Michelle Schafer of
Merritt Group, +1-703-390-1530, or , for the Cyber Security
Industry Alliance Web site: http://www.csialliance.org/
Copyright
Check Point Software Tec... (NASDAQ:CHKP)
Historical Stock Chart
From May 2024 to Jun 2024
Check Point Software Tec... (NASDAQ:CHKP)
Historical Stock Chart
From Jun 2023 to Jun 2024