On October 5, 2011 a Congressional Task Force Report was published containing recommendations for handling security issues in four areas: (1) critical infrastructure and incentives; (2) information sharing and public-private partnerships; (3) updating existing cyber security laws; and (4) legal authorities. The general point from the report is that Congress should provide a variety of incentives to encourage the private sector to improve cyber security such as tax breaks and educational grants.
The report also recommends a role for cyber insurance: “Congress should study whether the insurance industry can help play a role in increasing the level of cybersecurity of firms that purchase cyber or data breach insurance and whether the cybersecurity insurance market is currently structured in a manner to accomplish that goal.”
This report is one in a series of attempts by Congress to draft cyber-related leglislation, none of which has passed because of jurisdictional issues and debates over what if any role the federal government has in protecting private networks.