A newly proposed Federal law, if enacted, will extract large fines from Credit Reporting Agencies that experience data breaches, and will also establish an Office of Cybersecurity at the Federal Trace Commission.
Last week we started hearing about the Equifax data breach, although Equifax had actually known about the data breach at least a month earlier. (The full text of the Equifax statement about the cybersecurity data breach is reprinted below.) The most stunning thing about this breach is the breadth of it: the Personally Identifiable Information (PII), including names, social security numbers, and driver’s license numbers of 143 million U.S. citizens were exposed in this breach. Here is what you need to do, right now, to protect yourself.
The new National Intelligence Estimate (NIE) on Cyber Espionage (the first NIE ever to address cybersecurity specifically), which is compiled by the office of the Director of National Intelligence (currently James R. Clapper), concludes that the United States is the target of a “major espionage campaign”, and fingers China as one of the leading offenders. This is providing a marketing opportunity for a new breed of services: organizations that will go out on the offensive for your company, basically hacking the hackers on your behalf, and essentially striking back at those attacking your network with a counter-strike. In fact, one such company calls itself “CrowdStrike”.