The House Energy and Commerce Subcommittee on Communications and Technology, chaired by Rep. Greg Walden (R-OR), today held a hearing to examine threats to communications networks, the responses of the private sector, and the role of the federal government.
"Cybersecurity has become a pressing concern," said Walden. "There is a problem and most people don't know it's a problem. American businesses are losing dollars and jobs because of cybercrime, and our national security is potentially at risk as well. The private sector owns most of the critical infrastructure that makes up our communications networks, and they are on the front lines of cybersecurity. I appreciate our witnesses' valuable input today that will form the basis for cybersecurity legislation, and I look forward to continuing the discussion on how we can best secure cyberspace in the long run."
Industry experts testified before the committee to provide an update on current practices, insight into what they could do better, and suggestions on what, if any, role the federal government should play.
Entrust President and CEO Bill Conner highlighted the importance of public-private partnerships to share intelligence and inform the public. "The federal government needs to work more closely with the private sector to exchange critical information about the threats that each experiences," said. Conner. "This kind of situation is persistent, and we have been asking the appropriate agencies to work with us to deter further damaging breaches. Congress needs to direct the government's intelligence community to work more closely with cybersecurity companies and to share vital information on evolving threats, attack methods, and how to defend. The private sector would also benefit from an education or awareness campaign."
Robert Dix with Juniper Networks reaffirmed, "It is imperative that all of us acknowledge that cybersecurity is truly a shared responsibility, and that managing risk will requires a true collaborative approach between government and the private sector. In order for the private industry to be able to prevent and mitigate threats, industry must have access to the threat information that the government possesses."
President and CEO of the Internet Security Alliance Larry Clinton suggested Congress "provide the right mix of regulations and incentives. We need a much more contemporary and creative approach wherin the private sector is engaged, not controlled by our government partners."
McAFEE, INC. Vice President and Chief Technology Officer Dr. Phyllis Schneck offered suggestions for "positive incentives that can help address some of the fundamental challenges ISP's, telecoms, and other members of the communications ecosystem have." Schneck suggested imposing limitations on liability for damages as well as for non-economic losses, cybersecurity competitions and challenges to recruit "talented individuals," tax incentives, and insurance reforms.
James Lewis, Director and Senior Fellow at the Center for Strategic and International Studies, said, "The central problem for the U.S. will be redefining the role of government. There are clearly areas where the government should not interfere. At the same time, cybersecurity is a national security problem that requires more government involvement, not less. A comprehensive approach to cybersecurity can make us safer and let us take advantage of the new technologies in ways we have yet to imagine."