The state House unanimously passed legislation on May 20 that encourages companies to adopt recognized cybersecurity standards.
HB 6607 promotes the adoption of defined cybersecurity frameworks by preventing a company from being liable for punitive damages in the event of a data breach.
The co-chair of the Trade Committee, Representative Caroline Simmons, speaks before the House vote on HB 6607.
The frameworks are well recognized by the cybersecurity community, including the National Institute of Standards and Technology, the Center for Internet Security, the International Organization for Standardization, and the International Electrotechnical Commission.
CBIA supported the bill, noting that it provides additional incentives for companies to invest in cybersecurity compliance, which is increasingly critical as companies move into a remote, electronic world.
Representative Caroline Simmons (D-Stamford), co-chair of the Legislature’s Trade Committee, said the bill strengthens state cyber defenses, noting collaboration among stakeholders, including the CBIA , in the development of the measure.
“There are too many companies that underestimate this threat and do not have the tools to strengthen their defenses,” he said.
“According to a 2018 CBIA survey, nearly a quarter of Connecticut companies experienced a data breach or cyberattack in the previous two years. And 90% were small businesses with less than 100 employees.
“This legislation is critical to protecting our most vulnerable industries from the growing threat of cyberattacks.”
Committee ranking member William Buckbee (R-New Milford) told fellow lawmakers that “data breaches are too dangerous and this bill does so much to protect consumers and businesses.”
The bill now goes to the state Senate.