The Honorable John D. Rockefeller IV
Chairman
Commerce, Science, and Transportation Committee
U.S. Senate
Washington, D.C. 20510
The Honorable John Thune
Ranking Member
Commerce, Science, and Transportation Committee
U.S. Senate
Washington, D.C. 20510
Dear Chairman Rockefeller and Ranking Member Thune:
The U.S. Chamber of Commerce, the world’s largest business federation representing the interests of more than three million businesses and organizations of every size, sector, and region, as well as state and local chambers and industry associations, and dedicated to promoting, protecting, and defending America’s free enterprise system, supports S. 1353, the “Cybersecurity Act of 2013,” as introduced.
The Chamber agrees with you that public-private collaboration is essential to successfully countering highly adaptive cybersecurity threats, such as groups carrying out state-sponsored attacks, organized criminals, and rogue individuals. The bill takes smart and practical steps, including authorizing the National Institute of Standards and Technology (NIST) to work closely with industry on an ongoing basis to develop voluntary guidelines and best practices to reduce cyber risks to U.S. critical infrastructure. S. 1353 also focuses on supporting cybersecurity research and development, enhancing public awareness and preparedness, and increasing the number of professionals needed in the workplace to battle nefarious cyber actors and natural
hazards.
Your bill is narrowly tailored and industry-focused. The Chamber welcomes that S. 1353 stops short of codifying elements of the administration’s cybersecurity framework process, because we believe that it is constructive to let framework efforts play out fully before they are written into law.
Also, it is crucial that Congress works to enhance information sharing related to detecting and mitigating cyber threats. While the Chamber recognizes that your committee does not have jurisdiction over information-sharing legislation, we continue to urge lawmakers to pass a cyber bill that includes robust safeguards for businesses that voluntarily exchange threat data with their peers and government partners. Targeted and bi-directional information-sharing and mitigation efforts, along with appropriate liability protection, are the most effective tools that could be provided to increase cyber protections for companies and government entities. These tools can coexist with important protections for privacy and civil liberties.
Robust and continuous improvement of cybersecurity is good for the business community, American jobs, and the United States. Looking at the big picture, the Chamber appreciates the very sensible and nonregulatory provisions you have included in S. 1353, and that you have moved it through regular order. The Chamber looks forward to working with you and your staff on this important issue.
Sincerely,
R. Bruce Josten
cc: Members of the Committee on Commerce, Science, and Transportation