A proposed federal cybersecurity reporting rule could lead to burdensome requirements and over-reporting of hacks , private-sector representatives warned members of the House Homeland Subcommittee on Cybersecurity and Infrastructure Protection on Wednesday.
Panelists argued the proposed rule’s definition of “substantial cyber incident” is too narrow and could lead to over-reporting. The law should distinguish between something like a software upgrade that goes awry and a malicious incident, said Heather Hogsett, senior vice president at the Bank Policy Institute.
The industry panel followed the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency’s notice of proposed rulemaking last month for a ...
Learn more about Bloomberg Law or Log In to keep reading:
Learn About Bloomberg Law
AI-powered legal analytics, workflow tools and premium legal & business news.
Already a subscriber?
Log in to keep reading or access research tools.