A proposed federal cybersecurity reporting rule could lead to burdensome requirements and over-reporting of hacks , private-sector representatives warned members of the House Homeland Subcommittee on Cybersecurity and Infrastructure Protection on Wednesday.
Panelists argued the proposed rule’s definition of “substantial cyber incident” is too narrow and could lead to over-reporting. The law should distinguish between something like a software upgrade that goes awry and a malicious incident, said Heather Hogsett, senior vice president at the Bank Policy Institute.
The industry panel followed the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency’s notice of proposed rulemaking last month for a ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.