As technology progresses, we are seeing more cyber crimes being committed. More companies are storing their information on the cloud, which means cyber criminals are going to be spending more time trying to steal information off the web instead of good old fashioned thievery. That is why it is so important to be proactive and protect all of your company information before attacks happen. That is one of the reasons why California is working so hard right now to put through legislation to prevent and protect against cyber attacks that may be threatening the state in the future.
Preparing for threat in the Golden State
Sen Bob Hertzberg, D-Van Nuys, has proposed two bills that have both been approved by the Senate and are now in the stages of being taken to assembly to get passed. Both bills will help discourage cyber crimes and will help to resolve issues with security quickly and effeciently. One bill, SB-1444 is focused on protecting current information and preparing for possible breaches of that data. The bill would require state agencies to inventory the information they are currently storing and plan procedures to notify and work with the individuals affected, the emergency response team, and the agency officials in the event that a cyber breach has occurred.
The other bill, SB-1137, is focused on punishing criminals who knowingly put ransomware on a computer and demand a payment to get it removed. Criminals would be fined up to $10,000 and potentially prosecuted with up to 4 years in prison.
The house has approved two bills that will be moved to the Senate for consideration. AB-2623 requires state agencies to submit any security breaches to the Department of Technology, so funds can be allocated appropriately. The idea is that spending is focused on the areas of most vulnerability ensuring a stronger front in the future. AB-1841 requires that the Office of Emergency Services provide an emergency response plan in the event of a cybersecurity incident. This plan must be submitted and approved by July 1, 2017. Every business should have a response plan in place in the event of lost critical data, and that is why the state of California’s legislators found it so important to focus on a plan of their own.
Not to worry about some things
Not all cybersecurity bills are being passed quickly and unanimously as you might think based on the four that have been recently given a lot of attention. There are a few bills that have been held back including SB-1881 (allowing controls to be developed for all state agencies and departments), SB-2595 (requiring a cybersecurity strategy and allowed federal homeland security grant funding to be administered), and SB-2720 (a bill that would have allowed people to get a “bounty fee” for catching vulnerabilities and reporting them to the state cybersecurity experts). California legislators saw flaws in all these bills making them impossible to pass.
Some people were disappointed in losing SB-2720 because it had so much potential to help prevent issues if they were all being reported, but unfortunately, offering a “reward” for submitting them could have meant way too many hours of sifting through reports to determine which ones were legitimate and which ones were fakes, and the cost of figuring out how to manage the program would have been outrageous.