This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies.
Business Group Issues Advance Warning Against Potential Cybersecurity Regulations
Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
In advance of potential action from the White House and the new Congress on cybersecurity initiatives affecting the private sector, the Business Roundtable (BRT) Jan. 9 issued a report calling for nonregulatory cybersecurity policies.
Among other recommendations, the association that consists of the chief executive officers of leading U.S. companies urged the improvement of public-private collaboration on cybersecurity. However, the group cautioned against any efforts to regulate the cybersecurity practices of the private sector.
“BRT is concerned that these proposals would shift the nation's resources toward a static, compliance-based regime to address cybersecurity threats over a more dynamic information sharing and risk management solution,” the report said.
Legislative Activity Expected
Cybersecurity is expected to be back on the congressional agenda this year, after the 112th Congress failed to reach agreement on legislation (11 PVLR 1680, 11/19/12).
A key area of contention over the cybersecurity bill (S. 3414) was language calling for voluntary cybersecurity standards for critical parts of the private sector. The Chamber of Commerce, which actively lobbied against the bill, argued that the proposed standards could easily translate into burdensome government regulations.
The White House is weighing the possibility of issuing an executive order on cybersecurity in light of congressional inaction thus far. A recently leaked draft executive order included language calling on federal regulatory agencies to determine whether cybersecurity requirements under current law are adequate (12 PVLR 31, 1/7/13).
The BRT argued in its report that information sharing between the government and the private sector is “the single most important element of an effective cybersecurity policy.” The group called for legislation that creates “robust, two-way information sharing, with appropriate legal and privacy protections.”
The report said the roundtable's chief executive officers are “committed to working with Congress and the administration to achieve solutions that provide the public and private sectors with the intelligence and tools necessary to collaboratively confront sophisticated cybersecurity risks.”
The Business Roundtable report, “More Intelligent, More Effective Cybersecurity Protection,” is available at http://businessroundtable.org/uploads/studies-reports/downloads/More_Intelligent_More_Effective_Pre-Publication.pdf.