WASHINGTON, D.C.— Chairman John D. (Jay) Rockefeller IV (D-WV) and Ranking Member John Thune (R-SD) today introduced bipartisan cyber legislation that would help strengthen and protect the nation’s economic and national security. The Cybersecurity Act of 2013, S. 1353, would give the National Institute of Standards and Technology (NIST) authority to facilitate and support the development of voluntary, industry-led cyber standards and best practices for critical infrastructure. The bill would also make sure the federal government supports cutting edge research, raises public awareness of cyber risks, and improves the nation’s workforce to better address cyber threats.

“I’ve always thought this was a great way to emphasize the critical need for a public-private approach when it comes to solving our most pressing cybersecurity issues,” said Rockefeller. “Senator Thune shares with me a commitment to giving businesses the flexibility and assurances they need as they work toward this goal, and those the government must meet in a changing world of cyber threats with potentially devastating impacts for our economy and national security. NIST is a jewel of the federal government and it’s the right organization to guide this very important work.”

"One of the greatest threats to our national security and economic safety is the ability to protect ourselves against the growing number of cyber threats from around the world,” said Thune. “To better address these threats, we must leverage the innovation and know-how of the private sector, as well as the expertise and information held by the federal government to address immediate threats and those in the future. I appreciate Chairman Rockefeller's leadership in this area, particularly when it comes to the voluntary, industry led approach we have outlined in this legislation. I look forward to continuing to work with him, fellow colleagues, and relevant stakeholders to address these ongoing threats."

The joint Rockefeller-Thune bill is a breakthrough after years of working toward a bipartisan consensus on cybersecurity legislation. Its introduction comes ahead of the Commerce Committee hearing on Thursday, July 25, at 2:30 p.m. titled, “The Partnership Between NIST and the Private Sector: Improving Cybersecurity”. The hearing will explore the public-private partnership NIST is facilitating to allow private sector companies the opportunity to promote cybersecurity standards and best practices to protect the nation’s most critical systems. The hearing is also expected to explore proposals to improve cybersecurity research and development, workforce training and education, and public awareness.

The Cybersecurity Act of 2013 would:

• Formalize cybersecurity as one of NIST’s priority areas of focus. It will create a NIST-facilitated, industry-driven process for developing a set of voluntary cybersecurity standards for critical infrastructure. These standards will not duplicate or conflict with existing cyber requirements or regulatory processes, and they will be non-regulatory, non-prescriptive and technology neutral;

• Strengthen cyber research and development. It builds on existing research and development programs and ensures better coordination across the federal government;

• Improve the cyber workforce and cyber education. It will help make sure we train and prepare the next generation of cyber experts; and

• Increase the public’s awareness of cyber risks and cybersecurity.

###