In a precursor to his first State of the Union speech of the year, set to take place on January 20, President Obama addressed the Federal Trade Commission (FTC) this week regarding initiatives designed to improve the security of consumer
and student data.

Obama proposes:

  • A new national standard (intended to provide a more consistent framework than the fragmented state-by-state laws) requiring companies to alert customers of data breaches, where personal information has been compromised, within 30 days. Overseas trade of stolen identities would become a criminal offense and would open the door to easier prosecution of foreign bad actors.
  • Revival of his 2012 “Consumer Privacy Bill of Rights,”written to assure that consumers have some influence over how their online data is collected and sold by companies using “big data”methods.
  • Protection for students from commercialization of their personal information when gathered by educational software and apps, which use the data for targeted advertising to young people.
  • A voluntary code of conduct for utility companies to safeguard customer usage information.
  • Government and the private sector be required to share cyber threat intelligence.

All of these initiatives will have to pass through Congress, but because the clock is ticking on the President’s influence, it may be a while before a tight national defense against the misuse of digital information is in place. The themes of these initiatives will likely become campaign issues in the next election.

In the meantime, the SEC will continue to conduct cybersecurity sweep exams to ensure compliance and effective management of risks in the financial sector. Investment advisors, hedge funds, equity investors, etc., will be required to provide evidence of investment in long-term implementation programs which meet SEC expectations for security, vigilance, and resilience. More on this to come.

 


 

EdgeWave provides comprehensive Military Grade cyber security to companies large and small in all sectors, deploying the latest in automated protection backed by 24/7 human analysis, and guarding against Advanced Persistent Threats. EdgeWave monitors networks and customizes security rules for over 6000 clients globally, ensuring compliance and timely reporting. Visit www.edgewave.com to find out how easy it is to secure your network.