What are the pros and cons of a national breach notification law?
That is the topic of a discussion among Chief Information Security Officers that I will be moderating for the National Technology Security Coalition (NTSC) CISO Policy Roundtable tomorrow (4/3/17). My goal is to keep my own comments to a minimum, ask good questions, and let the CISOs share their real-world knowledge.
Comments are open so please share your thoughts on this issue. Specifically,
- What are the questions that need to be asked to facilitate this discussion?
- What are the critical points that need to be made?
Here are a few resources that I found helpful in my research on this issue:
- State Data Breach Notification Laws: February 2017 Privacy Update
- Massive Yahoo break-in shows need for uniform national data breach law
- New Mexico Set to Be 48th State with Breach Notification Law
- Five States Introduce New Data Security Laws
- Data Breach 101, Part I: Data Breach Notification Laws
- Examining the President’s Proposed National Data Breach Notification Standard Against Existing Legislation
- Data Security and Breach Notification Legislation Gaining Traction in Congress
- The need for a national data breach notification law
- Here’s why the government wants a national data breach law
- Why this national data breach notification bill has privacy advocates worried
- Push on for National Breach Notice Law
- THE DATA SECURITY ACT OF 2015- WHAT DOES IT MEAN FOR BANKS AND MERCHANTS?
- SECURITY BREACH NOTIFICATION LAWS, National Conference of State Legislatures