If nothing else, President Barack Obama’s proposed Internet security legislation is causing more experts in enterprise and government IT to talk about data protection.
Since the White House released a fact sheet on its Cybersecurity Legislative Proposal, analysts and experts in IT have speculated as to the impact of the legislation’s standards for protecting against the external threats facing today’s enterprise networks.
“Our nation is at risk. The cyber security vulnerabilities in our government and critical infrastructure are a risk to national security, public safety and economic prosperity,” the White House said in a statement. “The administration has responded to Congress’ call for input on the cyber security legislation that our nation needs, and we look forward to engaging with Congress as they move forward on this issue.”
While most will agree that these threats are prevalent, some are stressing centralization in a federal approach to Internet security. Caron Carlson, a 15-year veteran in the IT field and editor of enterprise IT news and analysis site FierceCIO, said a balance between federal and state control over data protection is essential to successful legislation.
“A national breach notification law should set a baseline standard for notification, but states should be allowed to expand on it,” Carlson wrote for FierceCIO. “Lawmakers should also proceed cautiously when taking up the White House's proposal to give companies immunity when turning over information about their customers' communications to the Department of Homeland Security.”
Meanwhile, others believe the White House simply hasn’t provided enough details on how such legislation will impact today’s businesses. In a company blog post, Rob Rachwald, director of security at Imperva, called the proposal “overall, a good step in the right direction,” but stressed that “the proposal would benefit from some specifics. Actually, a lot more specifics.”
The federal government is concerned with protecting data on multiple fronts, as cloud computing security is likely to become a top priority while federal CIO Vivek Kundra continues his push in favor of the government’s “cloud-first” policy.