January 10, 2013 1 Comment-
As we’ve been following the development of (and advocating for) the failed Cyber Security Act of 2012, a similarly worded amendment to the FY 2013 National Defense Authorization Act (NDAA) has been brewing within the Senate. Just as last year’s Cyber Security Act would apply to critical infrastructure and financial institutions, Senator Carl Levin’s Amendment 3195 would require Department of Defense (DoD) contractors to report network breaches.
The proposed amendment hands responsibility to the Under Secretary of Defense for Intelligence to establish a reporting process, but specifies that defense contractors must:
Norman AS supports Levin’s amendment, as communication about unauthorized access to confidential information systems is vital to preventing future threats. The more information the Pentagon can collect about a breach, the better it can mitigate its damage. Hackers are aware that contractors are the weakest link of the department, thus easy targets. The amendment’s supporters cite recent examples of costly data capture by Chinese and Russian hackers.
Because businesses are often reluctant to share information with government entities, without such legislation, private contracting companies would be under no obligation to report the theft of government intelligence critical to defending our nation. It’s refreshing to see this potential reversal on the horizon for 2013.
Do you support the NDAA Amendment 3195? Please share your thoughts in the comments.
Image credit: US Department of Defense (via Wikimedia Commons)
Darin Andersen is the Vice President & General Manager for Norman North America and has more than 20 years of experience in software and security sales management.
Security Exposed Bloggers
Norman Blog Archive