It was great to read that the "Cyber Security Public Awareness Act of 2011" was recently introduced in the US Senate. The purpose of the bill is to raise the public's security awareness, and to force the government to provide more detailed information on cyber attacks and the threats lobbed by cyber terrorists. The bill also promises to improve the quality of reports about cybercrime, and will require government agencies to submit annual reports to Congress that provide statistics about cyber attacks against the .gov and .mil domains, among other requirements. If the bill becomes law, the agencies that must adhere to the new Internet crime reporting standards include the Department of Homeland Security, DoD, Attorney General, FBI, and SEC, among others.
What the bill means in simple terms is:
- An increased level of reporting by government agencies
- More transparency and details in the reports
- More government reports released as Unclassified
The legislation could also require regulated private organizations to step up reporting of information security incidents. Historically, the private sector has tended to keep security breaches and incidents under wraps, reporting only what it has to by law.
Senator Sheldon Whitehouse (D-RI) and Senator Jon Kyl (R-AZ), who introduced the bill, have criticized the US government for keeping important details about cybercrime from the public. "The private sector keeps the damage they are sustaining from cyber attacks secret so as not to look bad to customers, to regulators, and to investors. The net result of that is that the American public gets left in the dark," Whitehouse said in November 2010.
Stu Sjouwerman