The Morning Risk Report: Cybersecurity Proposals Get Mixed Reviews From Business

January 13, 2015 – In The News
The Wall Street Journal: Risk & Compliance Journal

Scott L. Vernick was quoted in The Wall Street Journal: Risk & Compliance Journal article, “The Morning Risk Report: Cybersecurity Proposals Get Mixed Reviews From Business.” Full text can be found in the January 13, 2015, issue, but a synopsis is below.

On January 12, President Barack Obama proposed new cybersecurity protections that, depending upon who you ask, will either create costly new regulatory hurdles for businesses or free them from having to comply with a patchwork of state laws governing data breaches.

The measures announced include replacing individual laws regarding breaches in most states with the creation of a national breach notification law and preventing companies from profiting off student data collected by schools and corporations.

While companies may not be happy with the limitations on what they can do to make money off data collected from students, most will benefit from the proposed national breach notification law, said Scott L. Vernick, a noted privacy attorney.

If the national breach notification law is put in place, it would make it easier for businesses “to plan better, respond better, be more rational and not necessarily just running around trying to figure out what to do because there are 47 different state laws to comply with,” Vernick said.

“I think this is a pro-business move that is helpful and will rationalize the response effort,” he added.

The president is expected to announce corporate cybersecurity initiatives on January 13, and according to Vernick, it’s possible the president will push for a law to foster better information sharing between corporations and the government.

Click here to view the full article.