This week’s State of the Union Address was the fourth in a row in which President Obama highlighted the critical nature of cybersecurity. Until the most recent onslaught of headlines painted a painful picture of the consequences of a data breach, all too many of our organizations have been focused on passing compliance audits and dealing with a broad variety of threats to long-term business viability. Times have changed, and the headlines and the tough reality are all crystal clear: the bad guys are strong, dedicated, and working productively together, and they are in our networks today.
As President Obama said, lawmakers must “finally pass the
legislation we need to better meet the evolving threat of cyber-attacks,” and,
“If we don’t act, we’ll leave our nation and our economy vulnerable.” Recently
proposed legislation would relieve some of the risk of participating in the
information-sharing for which the federal government is asking. Defending our
organizations is becoming increasingly complicated for legal and security
teams, so it’s crucial for such legislation to increase the incentives or
decrease the exposure that companies would experience in being more transparent
and collaborative with government when data breaches occur.