Group Calls For Public-Private Alliance To Protect Cyberspace

April 17, 2012

By Andrew Feinberg (The Hill)

As Congress turns its focus to cybersecurity matters, 26 major business and trade associations are seeking to remind lawmakers that cyberspace is “a bulwark of the global economy.”

The group sent a letter Tuesday to House Speaker John Boehner (R-Ohio) and Minority Leader Nancy Pelosi (D-Calif.) urging action to protect “the prosperity and security of our interconnected world” by focusing on five policy objectives the businesses and associations believe would improve the nation’s readiness to face attacks on its information infrastructure.

The private sector owns and operates the “vast majority” of systems that are regularly subject to cyberattacks, and has “the greatest incentive to manage and defend against them,” the group said.

To view the original article please click here.

Despite private ownership, the group acknowledged “widespread agreement that the protection and resilience of these systems and assets require the public and private sectors to work together” to improve information-sharing techniques while safeguarding personal privacy.

Legislation should therefore limit private-sector liability arising out of any information-sharing meant to improve cybersecurity, the group said.

Government and business should be able to share information in a “trusted, constructive, and actionable manner without creating burdensome regulatory mandates or new bureaucracies.” But there must be a “safe harbor” for such sharing, combined with assurances that sharing will not lead to “frivolous lawsuits, would be exempt from public disclosure, and could not be used by officials to regulate other activities.”

Public-private partnerships should be encouraged by legislation for purposes of improving cybersecurity readiness, the letter said. Legislation should catalyze research and development, awareness and education, and any other opportunities for collaboration between government and businesses. The letter emphasizes the industry expectation that any House legislation will “serve to complement, not harm, the public-private partnerships existing under the National Infrastructure Protection Plan framework.”

Additionally, the House should take the lead in reforming the Federal Information Security Management Act of 2002 in order to “harmonize information security programs across civilian government agencies” and allow government to take advantage of changing technologies. This would let the government “lead by example,” the letter said.

Organizations signing the letter include the U.S. Chamber of Commerce, National Association of Manufacturers, TechNet and the Internet Security Alliance, along with 22 others.