What You Need to Know About Cybersecuirty Act of 2015

 

In December 2015, the President signed into law the Cybersecurity Act of 2015. This act passed the Senate in October, cleared the House on December 15 and the President’s office three days later. What does this law mean for our clients? In this article, we present a brief summary.

Source: System Lock by Yuri Samoilov. Under Creative Commons (License Link)

What Is It?

Introduced into Congress in July of 2015, the then proposed Cybersecurity Bill was designed to improve cybersecurity standards across the country. This was to be achieved by enhancing the process of information exchange between private entities and government bodies. It also permits the sharing of information between the U.S. government and technology manufacturers and providers. It is designed, effectively, to create a network of communication for private and public bodies to work together to fight cybercrime and cyberterrorism.

What Does It Do?

The government and its supporters in industry expect that this new law will provide law enforcers and cybersecurity professionals with a number of measures to challenge and combat the growing global threat of cybercrime and cyberterrorism. Several high profile hacks occurred in 2015; the Ashley Madison hack was the most high profile but there were others including UK telephone service provider TalkTalk, the FBI Portal, Samsung and Hilton Worldwide were others.

In some cases, people had their private details made public. When hackers have broken into security systems of companies that hold confidential information, the agency or company attacked has largely been unable to share information due to data protection laws until now. It is incidents like these that Congress now believes government agencies and private business now have the tools and the power to prevent.

 

How Will It Affect Your Records?

Concerns have been expressed about this law regarding citizens’ privacy. It will not compromise data that we hold on behalf of our clients, but enables us better protect it. The Cybersecurity Act of 2015 permits private organizations and government agencies to share indicators and details of data hacks. Previously, we could not do this as just as the data itself was protected, so was the process of accessing the data. The law commonly known as “The Wiretap Act” prevented the release of this information to anybody.

We believe that this new law that gives us ability to share this data with the US government and other private organizations will lead to improved standards in the industry and communication between government agencies and private industry.