Reps. Anna Eshoo, D-Calif., and Susan Brooks, R-Ind., and Sens. Orrin Hatch, R-Utah, and Ed Markey, D-Mass., introduced legislation June 29 to combat cyber crime by mandating that the National Institute of Standards and Technology (NIST), the Federal Trade Commission (FTC), and the department of Homeland Security (DHS) establish baseline best practices for the private sector.
“Our nation’s computer networks—public and private—are under constant attack from cyber criminals,” Eshoo said. “It’s estimated that these attacks cost our economy nearly half a trillion dollars annually in identity theft, stolen blueprints, exposed financial information, and more. The scary truth is that data security experts have suggested 90 percent of successful cyberattacks are due to system administrators overlooking two integral pillars of network security: cyber hygiene and security management. By instituting common-sense best practices, system administrators can better protect their networks and consumer data from a majority of known cyber threats.”
The legislation comes after WannaCry and Not Petya attacks infected the networks of businesses, financial systems, and critical infrastructure worldwide.
“With cyber criminals growing bolder in their attacks, strengthening our cybersecurity infrastructure remains one of my top priorities in the Senate,” Hatch said. “Cyberattacks threaten our economy and inflict untold damage on thousands of Americans. Fortunately, proper cyber hygiene can prevent many of these attacks. This bill will establish best practices for cyber hygiene and make them available on a publicly accessible website.”
The bill calls for the voluntary best practices to be made available publicly online and instructs the department of Homeland Security to study cybersecurity threats relating to Internet of Things devices.
“The Internet of Things era is defined by the connectivity of the daily digital world–our devices, appliances, and machines now communicate with one another across rooms, across states, and across oceans,” Markey said. “But the Internet of Things era could morph into the Internet of Threats era if appropriate cybersecurity safeguards are not put in place now to protect consumers. This legislation will help establish best practices for good cyber hygiene such as two-factor authentication, an important step that will help Americans protect against cyber hacks and attacks.”