The key to effective cybersecurity is information sharing, according to a new report from a coalition of some of America’s top CEOs.
The report, which provides nearly 30 pages of strategy on “more intelligent, more effective cybersecurity protection,” was published Wednesday by the Business Roundtable (BRT), an association of chief executive officers of leading U.S. companies, including Boeing, Dow, MasterCard and P&G.
Asserting that a deeper level of public-private sector collaboration is needed to defend against emerging cyber threats, the BRT report offers up a cross-sector approach for increased information sharing and threat-informed risk management.
“To keep pace with evolving cybersecurity threats, the public and private sectors must leverage and retool current legal and policy constructs,” the roundtable stated in the report.
Renewing their support for the Cyber Intelligence Sharing and Protection Act (CISPA), which passed the House in April 2012, the BRT said the bill is “a positive first step toward establishing the real-time information sharing that is required for the public and private sectors to address cybersecurity risks.”
But until CISPA is revisited on the Hill, the roundtable’s report intends to provide Congress and the Obama administration with recommendations for policy on enhanced information sharing, including: strong liability protections for private companies that share information with the government, exemptions under the Freedom of Information Act for the release of information, and guidance on antitrust regulations.
The report additionally calls for new law enforcement capabilities to seek out and prosecute cyber criminals and increased investments in research and development to improve cybersecurity capabilities as threats evolve.
“Safeguarding America’s strategic information systems, most of which are privately owned and operated, is a top priority for U.S. business,” Ajay Banga, president and CEO of MasterCard Worldwide and chairman of the Business Roundtable’s Information and Technology Committee, said in a statement regarding the report. “But, to counter growing threats, we need intelligence and tools from government that only government can provide.”
“The robust, two-way exchange of information, supported by appropriate legal and privacy protections, will improve public-private risk management, and ultimately, improve the security of the nation’s cyber assets,” Banga added.