The benefits of using Unmanned Aircraft Systems (UAS) for tasks from catastrophe response to infrastructure inspection to construction site monitoring, and everything in between, are great. ...19 May 2016
US Executive Branch to Ramp Up Cybersecurity Actions as Federal Legislation Stalls
The Cybersecurity Act of 2012 (CSA) as amended is significantly more complex than cybersecurity legislation passed in April by the House of Representatives. In its most recent version, the CSA would mobilize the federal government to, among other things:
- Form a multi-agency Council to inventory and conduct “cyber risk assessments” of industry sectors considered vulnerable to cyber-based attack.
- Categorize certain types of industries as “critical cyber infrastructure” based on such assessments and a list of enumerated criteria.
- Require reporting of all significant “cyber incidents” by the owners of such critical cyber infrastructure; such requirements would go beyond the requirements of existing data breach notification laws.
- Develop new security standards and use significant incentives to promote adoption by industry—incentives that some have described as inevitably leading to mandates.
Other parts of the Senate legislation would have amended FISMA (the framework law that guides information security efforts of the federal civilian agencies); promote and protect information sharing between government and industry; and support enhanced R&D and education efforts on cybersecurity.
Congressional efforts to address cybersecurity risk are certain to continue, so these and other proposals bear watching. Perhaps even more significant in the near term is the Administration’s reported intention to use its existing authority to enhance industry and government practices in this area.
This blog entry was contributed by Harriet Pearson, a Partner in the Privacy and Information Management group in Hogan Lovells' Washington, DC office.
The health sector is under siege with cybersecurity threats. Some of the largest announced cyber attacks in U.S. history have targeted organizations in the health industry. Regulators have...02 May 2016