Senate cybersecurity bill misses the mark

October 26, 2015

The Editorial Board

In honor of October's designation as National Cybersecurity Awareness Month, the U.S. Small Business Administration (SBA) has unveiled a new Web page dedicated to promoting cybersecurity for small businesses. - See more at: http://www.businessnewsdaily.com/8491-sba-unveils-small-business-cybersecurity-tools.html#sthash.HVndjn45.dpuf
In honor of October's designation as National Cybersecurity Awareness Month, the U.S. Small Business Administration (SBA) has unveiled a new Web page dedicated to promoting cybersecurity for small businesses. - See more at: http://www.businessnewsdaily.com/8491-sba-unveils-small-business-cybersecurity-tools.html#sthash.HVndjn45.dpuf

Over the past few years, the federal government and big corporations, including Sony and Target, have been hit by massive data breaches, a chilling reminder of the severity and scope of cybersecurity threats. Congress offered much bark and little bite in response until Thursday, when the Senate voted 83-14 to end debate on the Cybersecurity Information Sharing Act (CISA). Now the bill will move to the Senate floor and is expected to pass next week, despite opposition from Massachusetts senators Elizabeth Warren and Ed Markey, and from civil rights advocates.

The information shared by CISA would consist primarily of “threat indicators,” data that get exchanged between government agencies and big companies. The government can ideally use these indicators to respond more effectively to cybersecurity threats across the country. But crucial questions remain as to whether CISA offers meaningful protection to citizens. The bill would allow substantial amounts of data to be shared in bulk between companies and agencies, with insufficient, vague requirements on removing personal information. As Senator Ron Wyden, an Oregon Democrat, put it on the Senate floor, “This bill says, with respect to personal data, when in doubt, you can hand it over.”

 

Tech companies including Twitter, Reddit, Dropbox, and Apple have added their voices to the fray. Earlier this year, Apple refused to offer the government “back door” access into their encrypted devices, and asserted in a statement on CISA that “we don’t believe security should come at the expense of [customer] privacy.” Besides calling out privacy concerns, Apple and other tech giants must protect their business. International customers don’t want their data shared with the US government — and The New York Times reports that 64 percent of Apple’s revenue now originates outside the United States.

As the legislation moves toward a Senate vote, CISA in its current form needs improvements. Perhaps most important, the Senate must answer whether this bill resolves the chronic conditions afflicting America’s security network: unencrypted data, out-of-date systems, unprotected user access, and widespread underfunding. Sharing information can certainly be a valuable tool, but it shouldn’t be mistaken for the systemic upgrades that would demonstrate a genuine national commitment to cybersecurity.

Read Full Article

SBA Unveils Small Business Cybersecurity Tools
Credit: Mark Van Scyoc

In honor of October's designation as National Cybersecurity Awareness Month, the U.S. Small Business Administration (SBA) has unveiled a new Web page dedicated to promoting cybersecurity for small businesses.

In the wake of high-profile data breaches, many businesses are eager to implement a more robust cybersecurity strategy. The SBA's cybersecurity page, launched earlier this month during the "Cybersecurity at Work" week, offers advice and tools for small business owners who are seeking to better protect both their own data and their customers' data. In 2013, 44 percent of the 800 small business owners surveyed reported having experienced a cyberattack that resulted in an average cost of nearly $9,000, according to a report by the National Small Business Association.

"Cybersecurity is one of our nation's most pressing national security priorities, and America's 28 million small businesses, which create two out of every three new jobs in the U.S., are especially at risk," SBA Administrator Maria Contreras-Sweet said in a statement announcing the Web page. "Small employers are quickly becoming a larger target for criminals looking to access sensitive data because small businesses typically have limited resources for information systems security. In an effort to combat cyberattacks against small businesses, the SBA's online tools will help employers identify information security vulnerabilities that put their companies at risk."

- See more at: http://www.businessnewsdaily.com/8491-sba-unveils-small-business-cybersecurity-tools.html#sthash.HVndjn45.dpuf
In honor of October's designation as National Cybersecurity Awareness Month, the U.S. Small Business Administration (SBA) has unveiled a new Web page dedicated to promoting cybersecurity for small businesses. - See more at: http://www.businessnewsdaily.com/8491-sba-unveils-small-business-cybersecurity-tools.html#sthash.HVndjn45.dpuf