Abner Stories

Intrusion Alert Bill

This one could get interesting - Dianne Feinstein, D-Calif., is introducing a bill that will require customer notification if the account experiences an electronic intrusion.

Questions articles on this topic have yet to answer:

- What is the definition and severity of intrusion required to trigger an alert?

- Is this being done because most banks rely on customers to point out inconsistencies on account statements?

- How often do banks get hacked and then not say something? If the bank does not say something, how often is that a problem?

- Since when was the Software Business Alliance involved in setting security oriented government policy?

- Who are the true beneficiaries of this bill? Consumers - powerless to react? Or security software and services companies who will help banks prevent and investigate intrusions?

- Will security services firms be required to report intrusions at banks to government authorities? (and break long-standing non-disclosure and confidentiality agreements?)

- Will banks now report intrusions the same way airlines report on time arrivals and departures?

This is interesting legislation. However, I think it may be solving a problem that does not yet exist. Anyone who has read the legislation (or at least has a lijnk to it) and can provide answers to the questions above - please comment.