A bipartisan measure backed by U.S. Sen. Susan Collins aims to press publicly traded companies to disclose more about how they’re dealing with cybersecurity risks.

It’s an issue that’s garnered growing scrutiny in the wake of some high-profile data breaches at major companies such as Target that exposed information about millions of consumers to hackers who breached company computers.

The Cybersecurity Disclosure Act the Maine Republican is sponsoring along with two Democrats doesn’t require companies to do anything, but asks them to tell whether any members of the company directors have cybersecurity expertise and, if not, to explain why they don’t think it’s necessary.

“As cyberattacks become increasingly common, Congress must take action to better protect Americans from hackers attempting to steal sensitive data and personal information,” Collins said in a news release.

“Our bill would make sure companies disclose to the public the basic steps they are taking to protect their businesses from cyberattacks,” she said.

“Investors and customers deserve a clear understanding of whether publicly traded companies are prioritizing cybersecurity and have the capacity to protect investors and customers from cyber-related attacks,” said U.S. Sen. Jack Reed, D-R.I., who joined Collins and U.S. Sen. Mark Warner, D-Va., to introduce the proposal.

Advertisement

For Collins, it’s not a new issue.

She told one of President Donald Trump’s Cabinet nominees that “the recent focus on the cyberintrusion in the campaigns has greatly increased the public’s awareness of this problem. But the fact is cyberintrusions go far beyond the political space, troubling and appalling though that is.”

“All public companies face threats daily from determined cyberattackers out to steal their data,” Warner said in a news release. “As we’ve seen with data breaches at retailers like Target and service providers like Yahoo, it is in the best interest of consumers and shareholders for companies to fully disclose the plans they’ve set in place to defend against them.”

“This legislation provides needed transparency in an often shrouded process that directly affects the privacy of millions, and will serve as a tool to urge other entities to follow through on establishing a reliable strategy to counter cyberattacks,” the Virginia Democrat said.

Reed said on the Senate floor that “data breaches are on the rise. Indeed, 2016 was a record-breaking year for data breaches, which increased 40 percent from the prior year to 1,093 breaches according to the Identity Theft Resource Center.”

“This legislation will highlight how focused firms are in terms of data security and safeguarding private information and should encourage more companies to improve their cybergovernance. Through simple disclosure, we can strengthen cybersecurity oversight,” Reed said.

Advertisement

Cybersecurity is receiving ever more attention from regulators.

In New York, for instance, regulated organizations have been required since March to name a chief information security officer and prepare annual cybersecurity reports.

The Senate Committee on Banking, Housing, and Urban Affairs is considering the bill.

scollins@sunjournal.com

U.S. Sen. Susan Collins
AP

Comments are not available on this story.