During TechAmerica’s DC Fly-In in February, Marci McCarthy, CEO and President of T.E.N., met with congressional industry leaders to discuss key trends in the IT sector. McCarthy was one of roughly 150 attendees at the event, and one of more than 30 delegates from the state of Georgia. In this podcast, she discussed their goals and initiatives and why emerging cybersecurity legislation, data breach notification policy and net neutrality are all issues that lawmakers must address.
McCarthy discussed the need for a stronger partnership between the public and private sectors. A significant amount of knowledge resides inside law enforcement and government agencies like the FBI and CIA when it comes to major events like the Sony Pictures and Anthem data breaches. Despite the information at their disposal, the means by which this organization shares said info with the public sector has continued to difficult due to a number of factors.
Primary among these factors are the differing state notification laws for reporting data breaches. Currently, 47 states have their own requirements and guidelines, all with wildly differing time frames for relaying information to the general public. Currently, millions of people affected by major breaches like Anthem are all receiving notifications of potential personal data compromise at varying times and rates.
“As a consumer, that’s an overwhelming situation,” said McCarthy.
Another topic of interest is the need to a single federal breach notification law that would not only help streamline the process at the national level, but also ensure that members of the public are made aware of any personal data compromise in a timely fashion. McCarthy also discussed how proving fraud charges can be a contentious situation for the public sector, stating the process feels very convoluted for the average citizen and consumer.
On the topic of big data, McCarthy discussed how recent trends in social media will begin to play a bigger role. Many identity crimes and phishing attacks are based on profile building. As malicious individuals begin using various social media outlets to gather information on a target, it becomes easy for them to create fake accounts and start performing malevolent activities under the guise of someone else. Popular sites like Facebook and Twitter, as well as a number of popular crowdfunding websites are already becoming common breeding grounds for identity spoofing operations.
“The more information you put out there, the more info these big data threats have access to,” warned McCarthy.
While big data does have the ability to leverage analytics in a positive manner the potential for abuse is still there. There’s a major need to clamp down on big data activities with potential to harm people and a need to restrict the kind of info that can be bought and sold.
Finally, McCarthy discussed the benefits of the ISE® Programs, highlighting how they provide a way for professionals in the industry to share their best practices and innovations in the world of security. “Reputation is critical to today’s business,” McCarthy noted when discussing how many businesses affected by breaches still struggle to regain customer trust after data breaches. While we often hear about how security professionals via the media when these breaches occur, McCarthy cited the importance of also showcasing and honoring them for the great strides and advances they make in the industry at large.