Perspective from our Principal Security Architect, Fausto Oliveira
“Similarly to what happened in the EU with the publication of GDPR, having a strong data protection law is essential to motivate businesses to adhere to a strong code of conduct when manipulating consumer and other business data. This is a positive step forward to bring the US in alignment to what is being done worldwide to protect consumer rights,” says Fausto Oliveira, Principal Security Architect at Acceptto. “However, I don’t see any recommendations for the size of fine, how those fines would be applied and how the money gathered from those fines would be re-used, I think those are crucial items when publishing a bill to create a new data protection agency. I certainly definitely welcome more level of detail before pronouncing further on the effectiveness of such a law.”
“I am not sure if we really need another agency,” he continues. “There is an agency already assigned to protect US cybersecurity, and I wonder if it wouldn’t be simpler and more effective to expand the powers of CISA to encompass data protection. In that way, the ability to synergize efforts and share information at a federal level would maximize the ability to detect companies that are non-compliant using existing investigative resources. I am always restrained when endorsing new agencies that can lead to efforts being duplicated, or ineffective, due to lack of expertise and manpower.”
Read the full article at Security Solutions website.