Professor Kobayashi Urges Businesses to Demand More Secure IT Products
Cybersecurity ideas coming out of Congress may not provide the desired help for business and may in fact create new expenses for those companies, Professor Bruce Kobayashi told attendees at a data security conference sponsored by conservative think tank the Progress & Freedom Foundation (PFF).
"I think Congress has to ... slow down," said Kobayashi. "Otherwise, we're going to get some SOX-type legislation in which firms spend a lot of money sending out notifications."
Security Experts: Many Problems, Few Legal Solutions, PC World, May 10, 2006. By Grant Gross.
"Since a rash of data breaches in early 2005, Congress has introduced more than 10 bills related to data breach notification. Four bills are awaiting action on either the Senate or the House of Representatives floor, but the bills differ in their approach, and each would have to pass through the other chamber to become law. Congress is scheduled to adjourn for the year in early October.
"The working model for a data breach bill seems to be the SOX law, which has cost U.S. businesses hundreds of millions of dollars, Kobayashi said. 'The model is a sledgehammer,' he said. 'What economists hope is Congress steps back and looks at the costs and benefits before they do something like that.'"