Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Cybersecurity Legislation Week 2015

April 13, 2015 • 3 Min Read
by Cris Thomas 
Blog Home /

Some people are calling this week a Cyber Legislation Week. As the entire cybersecurity industry starts making its annual pilgrimage to the foggy city on the bay where they will spend several days inside a conference hall talking about or listening to nothing but information security, our elected officials on the other side of the country will attempt to capitalize on all of that RSA conference excitement by moving forward on several pieces of legislation on cybersecurity.

This isn’t the first time these issues have come before Congress, but most previous efforts have failed. Last year’s cybersecurity legislation never made it to the floor for a vote, and the Patent Transparency and Improvements Act and the USA Freedom Act died in Senate. At the time, it was thought that this Congress would not revisit these issues, but the recent Sony attack and the President’s Executive Orders have changed all that.

Net neutrality

During cybersecurity legislation week, in addition to the return of the old issues, we will see challenges to the FCC’s new Net Neutrality rules. The FCC rules were officially published this week, opening the door for lawsuits to be filed. 

Patent reform

First up this week is patent reform, with a House hearing on H.R. 9, the Innovation Act. Look for a Senate version to be introduced later this week. The goal here is to limit patent trolls and to prevent them from basically extorting money from companies, while at the same time protecting new inventions.

Cybersecurity Information Sharing Act

But the big elephant in the room that has people concerned on all sides is the Cybersecurity Information Sharing Act or CISA. The bill was first introduced last year and on the surface, it sounds like a great idea. It should make it easier for private companies to share threat and attack data with the federal government, who could then gather everything in one place to look for potential correlations before sharing those findings back out with private companies, making everyone a little more secure. Privacy advocates felt the original bill went a little too far and further increased the reach of the US intelligence gathering capabilities. When the White House objected to the bill and threatened not to sign it, the bill died and never saw a vote.

But now, in the aftermath of the breaches at Target, Home Depot and of course Sony, CISA has returned. It has already passed the Senate Intelligence Committee and a similar bill made it through the House Intelligence Committee last month. The White House has responded well to the new version although some privacy advocates are still concerned. The Homeland Security panel released its version of CISA on Monday this week and plans to hold a markup of the bill on Tuesday. If the Homeland Security and Intelligence bills are combined by the Rules Committee before they head to the floor, the final bill could end up looking drastically different from what was originally planned for this bill. A floor vote is scheduled on the Senate version for the middle of RSA week, sometime between April 21st and 23rd

National data security and breach notification

On Wednesday this week, the House Energy and Commerce Committee will markeup their bill to create a national data security and breach notification standard. If passed, this bill would supersede the various individual state breach notification bills. This has some opponents worried because several state breach notifications have much stronger consumer protections than this federal version.

NSA reform

With the cybersecurity issue likely to be wrapped up in the next few weeks one way or the other, some legislators will likely turn back to NSA reform. With Section 215 of the Patriot Act due to expire on June 1st, there may be some legislative movement on this issue. John Oliver’s interview with Edward Snowden has only helped to further ignite discussion on the issue of surveillance reform.

More to come

Between the legislative happenings in Washington, DC and almost the entire security industry convening in San Francisco next week, the cybersecurity arena will be a busy one over the next two weeks. Watch this space for more news as it breaks.

See my follow up blog for results of the week's activities.

Related Articles

Cybersecurity Snapshot: The Latest on Supply Chain Security – SBOM Distribution, Open Source Flaws and a New Security Framework

April 21, 2023

Check out what CISA says about the sharing of software bills of materials. Plus, why you should tread carefully with open source components. Also, the SLSA supply chain security framework is ready. In addition, security worries hold back enterprise IoT adoption. And much more!

Juan Perez

Juan Perez

Cybersecurity Snapshot: As ChatGPT Concerns Mount, U.S. Govt Ponders Artificial Intelligence Regulations

April 14, 2023

As ChatGPT security worries rise, the Biden administration looks at crafting AI policy controls. Plus, Samsung reportedly limits ChatGPT use after employees fed it proprietary data. Also, how password mis-management lets ex-staffers access employer accounts. In addition, the top identity and access management elements to monitor. And much more! 

Juan Perez

Juan Perez

Cybersecurity Snapshot: A ChatGPT Special Edition About What Matters Most to Cyber Pros

March 3, 2023

Since ChatGPT’s release in November, the world has seemingly been on an “all day, every day” discussion about the generative AI chatbot’s impressive skills, evident limitations and potential to be used for good and evil. In this special edition, we highlight six things about ChatGPT that matter right now to cybersecurity practitioners.

Juan Perez

Juan Perez

Tenable and Thales Collaborate to Provide Cyber Defense Simulations to Better Secure Operational Technology Environments

April 18, 2024

The heart of the Welsh Valleys is home to the Thales Ebbw Vale campus, a world-class facility jointly funded by the Welsh government as part of its regeneration program for the region. At the core of the facility is the Cyber Range, a simulation and virtualization platform for training, testing, exercising and R&D. Tenable has joined the lineup of solutions used to run real world simulations in this controlled environment.

Chris Baker

Chris Baker

Oracle April 2024 Critical Patch Update Addresses 239 CVEs

April 17, 2024

Oracle addresses 239 CVEs in its second quarterly update of 2024 with 441 patches, including 38 critical updates.

Scott Caveza

Scott Caveza

Strengthening the Nessus Software Supply Chain with SLSA

April 16, 2024

You know Tenable as a cybersecurity industry leader whose world-class exposure management products are trusted by our approximately 43,000 customers, including about 60% of the Fortune 500. But sometimes we like to give you a peek behind the curtain to share how we protect our own house against cyberattacks – and that’s what this blog is about. Today we’re sharing our experience adopting the supply-chain security framework SLSA, with the hopes that the lessons we learned will be helpful to you.

By Blake Kizer, and Amanda Cornwell
  • Legislation
  • Public Policy

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Try for Free Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now
Try for Free Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now
Try for Free Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now
Try for Free Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try for Free Buy Now

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Buy Now
Renew an existing license | Find a reseller
Try for Free Buy Now

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training

Buy Now
Renew an existing license | Find a reseller