U.S. Senators Cory Gardner (R-CO) and Mark R. Warner (D-VA), co-chairs of the Senate Cybersecurity Caucus, along with Sens. Ron Wyden (D-WA) and Steve Daines (R-MT) introduced bipartisan legislation to improve the cybersecurity of Internet-connected devices. The Internet-of-Things (IoT), the growing network of Internet-connected devices and sensors, is expected to include over 20 billion devices by 2020. Presently, there is no full, comprehensive accounting of the IoT devices that the U.S. government owns or operates.
IT CALLED ME
IoT devices have been used by bad actors to launch Distributed Denial of Service (DDoS) attacks against particular websites, web-hosting servers, and internet infrastructure providers. Data breaches are on the rise. The Identity Theft Resource Center (ITRC) reported that there have been 881 data breaches recorded this year through July. Some 17 million records have been exposed since the beginning of the year. The incident total is 25.7% higher than at the same time last year, providing further incentive for the bill.
HOW ABOUT A NICE GAME OF CHESS?
The Internet of Things (IoT) Cybersecurity Improvement Act of 2017 will require vendors who sell internet-connected devices to the federal government ensure their devices are not vulnerable to attacks through embedded passwords. The bill will also push for industry standard protocols, prohibit the use of hard-coded passwords, and eliminate known security vulnerabilities. On its surface, the bill applies only to tech companies and contractors that are trying to sell IoT products to the U.S. government. Warner posits that the sheer purchasing power of the federal government, which could spend as much as $95 billion on tech next year, will force the hand of manufacturers of similar security improvements in similar IoT devices that companies sell to consumers. The Senators’ maneuver appears to have broad based support from the industry and the public sector.
The proposal would further direct the Office of Management and Budget (OMB) to develop alternative network-level security requirements for such devices and direct the Department of Homeland Security’s National Protection and Programs Directorate to issue guidelines regarding cybersecurity coordinated vulnerability disclosure policies to be required by contractors providing connected devices to the U.S. Government. We’ll keep tracking these efforts to raise the nation’s cyber defense condition.
GET ME THE PRESIDENT
The President's Commission on Combating Drug Addiction and the Opioid Crisis issued its preliminary report and the first and most urgent recommendation is for the president to declare a national emergency under either the Public Health Service Act or the Stafford Act. This move could expedite and coordinate Federal Emergency Management Agency (FEMA) assistance in the administration of disaster relief resources and assistance to states hardest hit by prescription overdose.
BRING THE LIST UP AGAIN
The Commission’s first report also recommends a series of solutions, which have gained traction in many state legislatures in regions of the country. The Commission seeks to expand capacity for drug treatment under Medicaid, increase the use of medication-assisted treatments, encourage the development of non-opioid pain relievers, and mandate that every local law enforcement officer in the nation carry naloxone, the drug that rapidly reverses opiate overdose.
Making Our Way Around The Country
DEPARTMENT OF LABOR
The Department of Labor issued a Request for Information to the White House Office of Management and Budget related to an emerging overtime regulatory scheme. The RFI seeks comment and information on 11 particular questions, including whether to regionalize standard salary level set based on cost of living indicators, how to effectively identify employees who may be exempt, and changes to the duties test which may alter the rule’s application to employees. Written comments must be submitted by Sept. 25, 2017.
A new lawsuit filed in Oklahoma again takes aim at several provisions of the Sooner State’s Workers’ Compensation Act. The suit argues that the maximum temporary disability benefit set by the legislature is arbitrary and that it places economic burden on injured workers without any legitimate state interest. The state Supreme Court previously nullified two other benefit provisions in the Act in 2016. Lawyers for the plaintiffs cite the benefit cap, the second lowest cap in the nation, as a denial of due process that violates the state constitutional guarantee of an adequate remedy for an injury.
The National Council on Compensation Insurance reported insurance premiums that Illinois employers pay should drop by more than 10 percent in 2018. In its report, NCCI notes that work-related incidents have dropped, leading it to suggest a drop in rates. In the most recent University of Oregon study on workers compensation costs to employers, Illinois was seventh-highest in the nation, tied with, interestingly enough, Oklahoma.
INCLUSION DRIVES INNOVATION
And finally this week, we go back to the DOL. U.S. Secretary of Labor Alexander Acosta announced that the Office of Disability Employment Policy announced that the theme of October’s National Disability Employment Awareness Month will be “Inclusion Drives Innovation.” Secretary Acosta said of the theme, “Smart employers know that including different perspectives in problem-solving situations leads to better solutions. Hiring employees with diverse abilities strengthens their business, increases competition, and drives innovation.” It’s a lesson that the state of West Virginiahas taken to heart, proving its return on positive action.
About The Way
The Way is Gallagher Bassett's weekly governmental briefing on state and federal affairs that affect our industry. We thank you for starting your Wednesday morning with us. Please be sure to follow #GBTheWay for additional news and updates as we make our way throughout the country on the issues affecting our industry. For more information, please connect with GB on LinkedIn, follow us on Twitter, or contact the authors, Greg McKenna or Cari Miller, directly.