A new information security law has been proposed in the Senate. If it’s passed, it could increase IT costs for many private companies, according to opponents of the bill.
Introduced in the Senate last week, the Cybersecurity Act of 2012 is a proposed information security law that would impose new cybersecurity requirements for companies that support the country’s “critical infrastructure.”
That could include private businesses in the banking and finance industry, companies providing water and electric utilities, and businesses in the transportation sector.
If it’s passed, the law would allow the Department of Homeland Security (DHS) to identify computer networks that could cause casualties or severe economic damage if attacked. The agency would set security regulations for companies operating those networks and penalize companies that can’t show they’re secure, Bloomberg reports.
The bill also calls for increased information sharing between the government and private businesses about new security threats, incidents and best practices for protecting information and computer networks.
The law would require the DHS to work with companies to develop security plans and would give organizations a chance to appeal a decision that forces them to comply with security regulations.
Despite those protections, the bill has come under fire from groups such as the U.S. Chamber of Commerce, which claims the law would significantly increase businesses’ operating costs.
Critics have also argued that the law would give the DHS too much power in deciding which businesses will be covered by new regulations.
Proposals for similar information security laws have also been attacked by some groups that say they’ll actually put more information at risk and endanger privacy.
Supporters of the information security law, however, have claimed the measures are necessary to protect the U.S. from cyberattacks and are trying to bring the bill to a vote as soon as possible. We’ll keep you posted.