Thank you for visiting Paducahsun.com, online home of The Paducah Sun.

June 2012
27 28 29 30 31 01 02

Click here to submit an event.

Protecting citizens' personal data a 'no-brainer'

By JIM WATERS The Bluegrass Institute


The Bluegrass Institute

Target Corp. is learning the hard way: The price is steep for retailers who don't protect customers' sensitive financial information.

Target's profits fell a whopping 50 percent during its fourth quarter of 2013 as the result of a massive security breach involving as many as 110 million of its customers' credit and debit card accounts, which began the day before Thanksgiving and extended throughout much of the holiday shopping season.

In fact, the Nightmare before Christmas continues to play as Target provides customers with free credit monitoring and theft protection services and pays legal fees incurred by investigations and litigation.

Profit provides an all-powerful incentive for private-sector businesses to beef up their cybersecurity and respond immediately when computer systems get hacked.

But what is an effective inducement for public agencies to shield sensitive information like Social Security and drivers' license numbers or delicate health data?

Political consequences certainly can provide significant incentives.

South Carolina Gov. Nikki Haley was forced to accept responsibility after digital thieves hacked into her state's Department of Revenue computer servers and swiped tax returns containing Social Security numbers and bank account information involving 5 million individuals and businesses.

States "hold loads and loads of sensitive information - more than any other entity, except - possibly - for a company like Google," said Nathan Cryder, chief policy advisor for state Auditor Adam Edelen.

Edelen is pushing legislation to prevent a South Carolina-like cyber disaster here by requiring state and local government agencies to notify victims of stolen data within 35 days of a security breach. It also requires the Commonwealth Office of Technology to develop a crisis plan and provide cybersecurity training for agencies.

Cryder calls the proposal "a no-brainer."

What's disconcerting is that most Kentuckians probably assumed that such a plan and notification requirements already were in place.

But keep in mind what "assumptions" can make out of us.

Based on her post-hacking comments, it's possible that South Carolina Gov. Haley didn't know about the cybersecurity lapses in her own state, either.

A penitent Haley now is performing what may be considered the gubernatorial version of "community service" by making it her mission to warn other states and federal agencies like the IRS to encrypt the taxpayer data they have been entrusted with.

Encrypting occurs by adding layers of protection so that thieves, even if they successfully hack a computer server, cannot decipher sensitive information without the cryptographic key. These bandits may break into the bank but, without the combination, the money in the vault remains inaccessible to them.

House Bill 5 does not require government agencies to encrypt data. However, isn't it just common sense to do so?

Investigations following the attack in South Carolina revealed the state could have prevented $12 million worth of damage - plus great loss of public confidence in the government - for a $12,000 password encryption system.

An ounce of prevention really is worth a pound of cure.

The cybersecurity bill arrived at the Senate's State and Local Government Committee after sailing through the House on a 99-1 vote. Sen. Joe Bowen, R-Owensboro, who chairs that committee, indicated he supports improving cybersecurity but rightly wants to ensure that state government doesn't force unfunded mandates on local governments.

Bowen should use the committee process to protect local governments, but then also protect taxpayers by doing what 46 other states already have done: pass a breach notification bill and avoid what at least one state, its political leaders and - most importantly - its citizens endured.

If government spending decisions should be transparent to taxpayers, so too should breaches involving personal data they hand over to that government.

It really is a no-brainer.

Jim Waters is president of the Bluegrass Institute, Kentucky's free market think tank.

Comments made about this article - 0 Total

Comment on this article

Your comment has been submitted for approval
captcha ab62452367254632ac9a45cb5ca3c13d
Top Classifieds
  • 2 Free Cats with toys 270-898-4963 Details
  • Purebred Yorkie puppies, no papers, t ... Details
  • BASENJI (very rare) or Cocker pups. 2 ... Details
  • Men's Trek 7300 andWomen's ... Details
  • FNB Bank, Inc. will be accepting seal ... Details
  • CompletelyRemodeled-4 bdrm., 2 bath,1 ... Details
  • SEEING is believing! Don't buy p ... Details
  • HandymanSpecial 3 BR 1 BA fenced inba ... Details
  • 3 BR, 2 ba, C/A, fenced in backyard, ... Details
  • FISHING RETREAT 4-SALE Older Mobile ... Details
  • Details
  • 9801 Enlow Dr. 2 Acres, 3 lg. bdrm., ... Details
  • 2002 36' DIESEL PUSHER 40,XXX MI ... Details
  • 2007 Mazda MX5Miata conv.hardtop, $85 ... Details
  • 26ft Coachman Cascade (2004) 13ft sli ... Details
  • 2011 Cadillac CTS 4 dr., cream color, ... Details
  • AUTOMOVER SPECIAL6 lines - 14 dayson ... Details
  • 2x3 18 Passenger Bus wheelchair lift ... Details

Most Popular
  1. 'Why Bobby Lee?'
  2. Holiday weekend kicks off another busy boating season
  3. City ignores veteran status of soldiers who fought for CSA
  1. Tilghman High graduates 152
  2. Beaver Dam rest area will stay shut most of the year
  3. Purple Toad's Dossey wins Winemaker of the Year title
  1. City ignores veteran status of soldiers who fought for CSA
  2. 'Why Bobby Lee?'
  3. Lawn pickers

Check out these recently discussed stories and voice your opinion...