Recently, Reps. Anna Eshoo (D-CA) and Susan Brooks (R-IN) introduced the “Promoting Good Cyber Hygiene Act of 2017.” The bill tasks the National Institute of Standards and Technology to work with the Federal Trade Commission and Department of Homeland Security to develop a list of voluntary cybersecurity best practices for both the federal government and private sector. Sens. Orrin Hatch (R-UT) and Ed Markey (D-MA) introduced the same bill this week.
The bill follows a worldwide ransomware outbreak last month that hit more than 300,000 computers and an ongoing virus that security researchers now believe may have destructive intent. If passed, this legislation would help all internet users — including consumers and government workers — identify ‘best practices’ for protecting themselves against cybersecurity risks and/or breaches. Public Knowledge applauds Rep. Eshoo for leading this effort to raise additional awareness and better equip internet users to face ever-growing international cybersecurity threats.
The following can be attributed to Megan Stifel, Cybersecurity Policy Director at Public Knowledge:
“We thank Congresswoman Eshoo, Senator Markey and their colleagues for introducing legislation that would develop and publicize accessible cybersecurity best practices. In particular, we support the collaborative and transparent approach required by the bill, which provides for a notice and comment period in the development of the practices. This approach is similar to the approach used to develop the National Institute of Standards and Technology Cybersecurity Framework, which has become recognized as a cybersecurity risk management baseline across industries.
“We also support the bill’s attention to cybersecurity threats to the internet-of-things. As the number of internet-enabled devices continues to grow, now is the time to ensure that the benefits they afford do not come at the cost of security or privacy. We welcome these and similar efforts to enhance trust and security in the internet and internet-enabled devices.”