(Reuters) – A senior Democratic lawmaker said there is a growing appetite for a new federal cybersecurity law in the wake of a widespread series of digital intrusions blamed on the Russian government.
The comment from Mississippi Representative Bennie Thompson, chair of the House Security Committee, comes as cybersecurity executives face their second round of congressional questions on Friday about their corporate roles in the intrusion targeting Texas software company SolarWinds.
Presenting Witnesses, Rep Thompson said there was "growing interest in a law on cybersecurity reporting" from his colleagues and that he hoped that "we can adopt legislation on reporting cyber incidents in the short term."
What such a law might look like was not yet clear.
State and federal regulations already force organizations to notify the public in cases where health information or financial institution information is compromised, but companies are generally free to keep quiet about more traditional forms of cyber espionage ̵
"Many companies choose to say as little as possible and often it is nothing," Smith told lawmakers.
"Silence will not make this country stronger. So I think we need to encourage – and I even believe mandate – that some companies do this type of reporting.
Witnesses along with Smith on Friday were SolarWinds CEO Sudhakar Ramakrishna and FireEye Inc. CEO Kevin Mandia.  Their appearance before the joint hearing of the House Committees on Supervision and Reform and Homeland Security comes three days after the trio testified to US senators about the massive violation, which has denied nine US government agencies and more than 100 other organizations.  Former SolarWinds CEO Kevin Thompson, who resigned shortly before the breach was announced, also testified on Friday.