What New Cybersecurity Legislation Doesn’t Include

From securityboulevard.com

cybersecurity legislation

Cybersecurity legislation needs to include ways to improve IT hygiene and visibility, the collective root of the cybersecurity problem

Cybersecurity challenges aren’t slowing down. Government websites have been hacked and kicked offline by ransomware; dozens of United Nations servers were breached earlier this year. The extent of these attacks—how much data was stolen, how long the affected parties took to react—is not always immediately known. But one thing is certain: Malicious threat actors are out there in ever-increasing volume and they are targeting everyone, looking for easy access to sensitive data.

Noting that ransomware and other cyber threats have “grown at an alarming rate,” in January Congress introduced the Cybersecurity State Coordinator Act (CSCA) of 2020, bipartisan legislation that focuses on cybersecurity coordination between federal, state and local governments. If signed into law, the bill would pave the way for the appointment of a cybersecurity state coordinator in each state to assist in managing, preventing, anticipating and recovering from cyberattacks.

Read more…