Insurance & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


09:13 AM
Connect Directly

Businesses Urged To Share

Bill seeks to limit use of sensitive information in lawsuits.

By Eric Chabrow

To protect the nation against cyber-terrorists, the federal government is asking companies to share sensitive data about security holes in their IT infrastructures. Any cyberattack likely would be waged on networks controlled by private companies, which own 85 percent of the nation's critical IT infrastructure.

"The future battlefield is in private hands," Sen. Robert Bennett, R.-Utah, said last month at a Senate Governmental Affairs Committee hearing on a bill he's sponsoring, which would exempt from some provisions of the Freedom of Information Act businesses that voluntarily reveal secrets to the government involving IT vulnerabilities.

Citizens can use the Freedom of Information Act to compel the government to provide some confidential data, and companies fear the information they disclose will be available or leak to competitors or-worse yet-lead to criminal or civil lawsuits.

"Companies won't disclose voluntarily if it could bring financial harm to them," says Ty Sagalow, chief operating officer of New York-based American International Group's E-Business Risk Solution unit. "Better to keep your mouth shut."

A recent Computer Security Institute/FBI survey revealed that 90 percent of 503 computer security practitioners surveyed detected computer security breaches during the previous 12 months, but only 34 percent reported them to law enforcement.

[email protected]

This article originally appeared in InformationWeek, a sister publication of I&T.

Register for Insurance & Technology Newsletters