Survey: Cybersecurity pros endorse data breach notification rules

Three quarters of ISACA members say they support Obama's proposal

More than three-quarters of ISACA members support a data breach notification proposal from President Barack Obama.

More than three-quarters of ISACA members support a data breach notification proposal from President Barack Obama.

U.S. President Barack Obama's call for a nationwide data breach notification law has won strong support from members of one cybersecurity-focused organization.

More than three quarters of ISACA members surveyed by the cybersecurity training and benchmarking organization said they agreed or strongly agreed with Obama's proposal to require breached organizations to notify affected customers within 30 days. Only about 8 percent of the 3,400 respondents said they disagreed or strongly disagreed. Most of ISACA's 115,000 members are IT professionals.

Asked what the biggest challenge companies would face in complying with a breach notification law, 55 percent of those surveyed said it would be a concern over corporate reputation. Other 15 percent said the biggest challenge would be systems not designed for data breach reporting, and 13 percent said increased costs.

More data breach reporting will lead to companies taking new steps to protect their data, said Robert Stroud, international president of ISACA and vice president of strategy and innovation at CA Technologies. A new law will make cybersecurity "an agenda item" among company leaders, he said. "There are some organizations potentially not giving this the level of diligence they should."

Obama is expected to call for a breach notification law during his State of the Union speech Tuesday evening. More than 45 states have their own breach notification laws, but there's no national standard. U.S. lawmakers have been trying to pass a national law for about a decade without success.

Obama is also expected to propose new ways to allow organizations to share cyberthreat information with each other and with government agencies, with protection from lawsuits. While some cyberthreat sharing proposals have raised concerns among privacy advocates, the U.S. needs to find ways to allow companies and government agencies to alert each other of attacks, Stroud said.

A threat information-sharing bill would be a "great initiative," Stroud said. "If Washington acts, we hope they take a clear and straight-forward approach, working in close coordination with industry."

The ISACA survey, completed last week, also asked respondents whether they expect a cyberattack to strike their organizations in 2015. Only 46 percent said they expect a cyberattack, while 24 percent said they were unsure.

Respondents may have read the question to mean a major cyberattack, not more common probing of their networks for weaknesses, Stroud said. "At many organizations, probably every day, there is an attempt" to gain entry into a company's system, he said.

Thirty-eight percent of respondents said their organization is prepared for a sophisticated cyberattack, while 34 percent said they were unsure. Eighty-three percent said they believe cyberattacks are among the three biggest threats facing organizations.

Asked if there is a shortage of skilled cybersecurity workers, 86 percent agreed. Thirty-four percent said they plan to hire more cybersecurity workers in 2015 but expect the search to be difficult. Only 3 percent plan to hire and expect it to be easy to find skilled candidates.

And 54 percent said they find it difficult to identify which new college graduates have adequate skills and knowledge.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is grant_gross@idg.com.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags CA TechnologiesregulationsecurityISACAdata breachlegislationgovernmentBarack ObamaRobert Stroud

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Grant Gross

IDG News Service
Show Comments

Essentials

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?