Capital Thinking: Cybersecurity


Legislative Branch Activity

Data Breach Hearings and Legislation

In response to the recent Target data breach which compromised the credit and debit card data of millions of customers, several committees will host hearings in the coming weeks to examine data breaches and their effect on customers. The Senate Judiciary Committee will hold a hearing on Tuesday, February 4 which will feature Target Chief Financial Officer John Mulligan, while the House Energy and Commerce Subcommittee on Commerce, Manufacturing, and Trade plans to hold a hearing on data breaches the same week. Members of the Senate Banking, Housing and Urban Affairs Committee, the Senate Commerce, Science and Transportation Committee, the House Financial Services Committee and the House Judiciary Committee have also called for hearings in their respective committees on the issue of data security and subsequent legislation that has been introduced in response to the recent data breaches reported in the news. Subcommittee on Commerce, Manufacturing, and Trade Chairman Lee Terry (R-NE) and Senate Homeland Security and Governmental Affairs Committee Chairman Tom Carper (D-DE) have both indicated that they plan to introduce data breach legislation in the coming weeks to go along with the bill that Senate Judiciary Committee Chairman Patrick Leahy (D-VT) has already introduced this Congress to create a national standard for data breach notification.

Upcoming Hearings:

  • Tuesday, February 4: The Senate Judiciary Committee will hold a hearing titled “Privacy in the Digital Age: Preventing Data Breaches and Combating Cybercrime.” The hearing will feature Executive Vice President and Chief Financial Officer of the Target Corporation John Mulligan.

Executive Branch Activity

NIST Cybersecurity Framework

As required by President Barack Obama’s cybersecurity Executive Order (EO) released in February 2013, the National Institute of Standards and Technology (NIST) will unveil the final version of its Cybersecurity Framework by February 13. NIST recently reviewed the comments from over 200 stakeholders that discussed their concerns about the preliminary Cybersecurity Framework that NIST released in October. In response to these comments, NIST noted that it plans to scale back its original privacy recommendations after a number of industry representatives criticized NIST for calling on companies to minimize the personally identifiable information they collect and share about their customers as part of the preliminary Framework. While NIST has not explicitly stated how it will change this section of the Cybersecurity Framework, it did note in a recent update that it would incorporate alternative methodologies and additional context on privacy based on the comments and public input it received.

After NIST releases the Framework next month, the Department of Homeland Security will continue to work on turning the standards set out by the Framework into a voluntary program for critical infrastructure owners and operators. In addition, NIST has also indicated that it may sponsor another workshop in the next four to six months to review the stakeholder experience with the Cybersecurity Framework and discuss questions about the long-term governance of the Framework.

Written by:

Published In:

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Squire Patton Boggs | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »


Squire Patton Boggs has launched to combine the strength, influence and resources of Squire Sanders... View Profile »

Follow Squire Patton Boggs:

Reporters on Deadline

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.