NTSC Supports Bipartisan Legislation to Establish the Cybersecurity Advisory Committee
The National Technology Security Coalition (NTSC) supports bipartisan legislation introduced by Representatives John Katko (R-NY), Dan Lipinski (D-IL), Dan Newhouse (R-WA), and Brian Fitzpatrick (R-PA) to establish the Cybersecurity Advisory Committee (CSAC). The Cybersecurity Advisory Committee Authorization Act of 2019 will establish an advisory committee of 35 cybersecurity professionals from across industries to provide the Director of the Cybersecurity and Infrastructure Security Agency (CISA) and the Secretary of the Department of Homeland Security (DHS) guidance on cybersecurity policy and rulemaking.
“As the only association solely representing the Chief Information Security Officer, we applaud Representatives Katko, Lipinski, Newhouse, and Fitzpatrick for their leadership to establish CSAC as the premier forum to advise CISA and DHS on cybersecurity threats,” said NTSC Executive Director Patrick Gaul. “The Cybersecurity Advisory Committee will provide the Director of CISA and the Secretary of DHS access to cybersecurity professionals who are at the frontline of protecting billion-dollar enterprises from state and non-state actors around the globe. Our CISO community is precisely the organization to draw upon when DHS is looking for members. If asked, our members are prepared to serve on CSAC to help better protect the U.S. from cyberattacks. Congressman Katko continues to be a leader in bridging the cybersecurity gap between the public and private sectors. His work of protecting the U.S. from cyberattacks is critical to our national security.”
The introduction of this bill has received wide media coverage.
Rep. Katko Introduces Bipartisan Legislation to Improve America's Response to Cyber Threats, Coordinate Security Efforts Between Public and Private Entities (Congressman John Katko’s press release)
The Cybersecurity 202 (Washington Post)
Morning Cybersecurity (March 29, 2019) (Politico)
Rep. Katko offers plan to create cybersecurity advisory committee at CISA (Inside Cybersecurity)
House bill would create panel of cyber experts to help DHS (Federal News Network)
FCW Insider: April 1 (FCW)
The Early Edition: March 29, 2019 (Just Security)
Rep. Katko introduces bill to create cybersecurity advisory committee (Homeland Preparedness News)
Zappos Lawsuit Sign of How Courts May Interpret Data Breaches and Data Privacy in Future
The definition of “harm” is one of the most ambiguous and contentious legal definitions related to data breaches and data privacy. Whether or not “harm” took place doesn’t seem to matter in the ongoing lawsuit against Zappos over a data breach in 2012. Even though “harm” did not take place, the potential for “harm” is keeping the lawsuit alive. According to Reuters, “The U.S. Supreme Court [last] Monday rejected a bid by online shoe retailer Zappos to throw out a class-action lawsuit by customers who said their personal information was stolen by hackers in 2012. […] The case hinges on whether customers whose data has been stolen can sue the company that was hacked even if that information was not used for nefarious purposes such as identity theft or fraudulent charges. Zappos said customers whose data is not used in those ways are not harmed to such a degree that can sustain a federal lawsuit. But the customers said that after a breach their information can be misused at any time, even years later, and long before the fraud is discovered.”
Federal Cybersecurity News Roundup
Here’s a roundup of several federal cybersecurity news stories that appeared last week.
Cybersecurity Reports and Surveys Roundup
We’ve rounded up a few of the best cybersecurity reports and surveys released last week:
Insurance Industry Offers a Cybersecurity Ratings System
According to a press release, Marsh launched Cyber Catalyst, a program that brings together cyber insurers to identify and evaluate solutions they consider effective in reducing cyber risk, giving organizations greater clarity in an increasingly complex cybersecurity marketplace. The initial group of insurers includes Allianz; AXIS; AXA XL, a division of AXA; Beazley; CFC; Munich Re; Sompo International; and Zurich North America, which collectively represent a substantial portion of gross written premiums in the $4 billion global cyber insurance market. Microsoft will be a technical advisor to the participating insurers, providing counsel on the products and services being evaluated. As reported in Dark Reading, “According to The Wall Street Journal, ‘Marsh will collate scores from participating insurers, which will individually size up the offerings, and identify the products and services considered effective in reducing cyber risk.’ Companies that choose security products from among the approved selection may find themselves qualified for improved insurance terms and conditions.”