Executive Director’s Message
by Paul Kurtz, CSIA Executive Director
CSIA board members, in Washington for our April 4 meeting, visited Capitol Hill to meet with leading members of Congress to discuss CSIA’s top initiatives.
The meetings covered legislative initiatives critical to the information security industry and ultimately the health of America’s economy. But the most pressing was the need for a national law requiring the implementation and enforcement of security measures in order to help reduce data breaches. This law should include incentives for the implementation of best practices, such as encryption, and should also standardize notification requirements for consumers whose personal information is affected by data breaches, superceding the current patchwork quilt of state initiatives.
The loss of consumer confidence in the security and privacy of the Internet could limit the potential of the expanding global network, which could lead to stunted economic growth, deeply affecting US technological innovation. Passing a national law requiring businesses to implement and enforce security measures will reinforce consumer confidence.
Board members also focused in their visits on issues like the resiliency of the Internet in the face of terrorist attack or natural disaster, America’s broader digital infrastructure, and the ability to use telework to maintain critical operations should travel be restricted by a catastrophe such as an outbreak of the avian flu.
Finally, we focused on the need for new tools to cope with the evolving nature of cybercrime, which is increasingly international and well organized. The Council of Europe’s Convention on Cybercrime, an important law enforcement agreement that was negotiated by President Clinton, signed by President Bush and approved the Senate Committee on Foreign Relations, has since languished, reportedly because of the anonymous "holds" of two senators. Our CEOs made clear to legislators that, while national borders continue to constrain effective law enforcement, they are virtually meaningless to cybercriminals, and that the Senate should recognize this reality by ratifying the convention.
To reinforce their messages, the board members distributed the letter below, addressed to the top leadership of both houses of Congress, calling for action on key legislation before the end of the year. We will be working closely with members on both sides of the aisle to help make that happen.