By Chris Strohm (Bloomberg)
To view the original article please click here.
Feb. 8 (Bloomberg) — Tax breaks and liability protection may spur banking, energy and telecommunication companies to improve cybersecurity on their computer networks, the chairman of a House technology panel said.
Representative Greg Walden, an Oregon Republican, said today he will consider taking up a bill offering incentives instead of legislation creating regulations for owners and operators of vital systems. He leads the House Energy and Commerce Communications and Technology Subcommittee.
“We cannot legislatively, through mandates, ever get ahead of those who seek to do us harm,” Walden said in an interview. “If we do this in an incorrect way we actually hurt the ability of the private sector.”
U.S. lawmakers and regulators are considering measures to prevent spies, criminals and terrorists from harming economic or national security with cyber attacks. Senators may introduce a comprehensive cybersecurity bill as early as tomorrow that would create a system for the Homeland Security Department to require owners and operators of vital infrastructure to better protect networks.
Offering companies federal incentives may lead to better network security, industry officials told Walden’s panel today during a hearing.
“We have a whole bunch of laws that were written for an analog world and we are now in a digital world,” said Larry Clinton, chief executive officer of the Internet Security Alliance, an Arlington, Virginia-based trade group. “We need to provide a right mix of incentives and regulation.”
Companies could be awarded tax breaks for good cybersecurity practices and liability protection from civil or criminal lawsuits, said Robert Dix, vice president of government affairs for Sunnyvale, California-based Juniper Networks Inc., a computer hardware and software maker.
The government could also provide grants and loans to companies that prove they are protecting their networks while developing a federal seal of excellence for companies that demonstrate proper cybersecurity, Dix said.
Dix also called for the government to create a national warning system that gives companies timely information about cyberthreats, similar to what the National Weather Service has for storms and the Centers for Disease Control and Prevention uses for illness outbreaks.
Outdated laws prevent Internet-service providers from sharing threat information, said Phyllis Schneck, vice president and chief technology officer for Santa Clara, California-based McAfee Inc.
Sharing Classified Data
Schneck, Dix and Clinton said they support a bill introduced by Representative Mike Rogers, a Michigan Republican who leads the House Intelligence Committee, that would let government agencies share classified information on cyberthreats with companies.
House Republican leaders haven’t said when the bill may be brought up for a vote.
“We have a very real and present danger when it comes to cyberthreats to our networks,” Rogers said during the hearing. He said companies are losing $300 billion to $1 trillion a year from computer-related theft of intellectual property.