Push for Cybersecurity Bill Continues

Industry and Top Administration Officials Give Praise

March 9, 2012

WASHINGTON, D.C.—Key industry stakeholders and top administration officials continue to weigh in on the need for cybersecurity legislation.  In a letter to sponsors of the Cybersecurity Act of 2012, defense contractor Northrop Grumman yesterday urged action to protect critical infrastructure from cyber threats.  And today, Commerce Secretary John Bryson penned an op-ed in POLITICO on the need for immediate action on cybersecurity legislation.

The bipartisan cybersecurity bill, introduced last month by Senators Jay Rockefeller, D-W.Va., Joe Lieberman, ID-Conn., Susan Collins, R-Maine, and Dianne Feinstein, D-Calif., addresses cyber vulnerabilities and gives the federal government and the private sector the tools necessary to protect our most critical infrastructure from growing cyber threats.  

The text of Secretary Bryson’s op-ed follows:

The New Face of Corporate Espionage

By Commerce Secretary John Bryson

Over the past 5 years, a highly sophisticated team of operatives have stealthily infiltrated more than 70 U.S. corporations and organizations to steal priceless company secrets. They did it without ever setting foot in any victim’s office. Sitting at undisclosed computers, they could be anywhere in the world.  

This is the new face of corporate espionage. Thieves whose identities are safely obscured by digital tradecraft rather than a ski mask, robbing companies of the ideas that are the source of American ingenuity.

We now rely on the Internet to conduct business, supply communities with power and water, communicate with loved ones and support our troops on the battlefield.  Our digital infrastructure is part of our country’s lifeblood.  Individual consumers, government agencies and small and large businesses are all increasingly vulnerable to growing threats.    

However, there is another reason to care about Internet security that is less known: protecting U.S. competitiveness and jobs in the global economy.   

In the coming weeks Congress has an opportunity to do just that. As we mark National Consumer Protection Week — a time for consumer advocacy groups, private organizations and agencies at every level of government to highlight the ways individuals and families can protect themselves from scams, fraud and abuse—we are reminded of the role we each play in defending ourselves against online attacks and securing cyberspace.

U.S. companies use information networks to create and store their unique ideas.  The ideas that power our economic growth. Every day the networks of these companies, from large corporations to small businesses, are targeted by criminal organizations and nation-state thieves for these trade secrets.  

Though this new corporate espionage is rampant and rising, calculating the damage to U.S. interests remains difficult.  Not all data theft victims are aware of -- or willing to report -- these incidents.  Even when a cyber-intrusion is detected, investigators usually cannot determine what information has been stolen or how the ultimate recipients will use it.

In the aggregate, the theft of this property, including everything from sensitive defense technology to innovative industrial designs, insidiously erodes government and corporate competitive advantages among global peers. 

The effect on individual companies can be far more tangible and dramatic. U.S. companies invest considerable time and money in researching and developing new products, only to be undercut by cheaper-priced competition using their stolen property.  

Unfortunately, companies experience losses from this every day, which can mean worker layoffs and less hiring.  Quite simply -- cyber espionage means fewer American jobs. Yet many cyber intrusions could be prevented by implementing sound cybersecurity practices.

To address this, President Barack Obama sent Congress a package of legislative proposals last May to give Washington new authority to share information about cyber threats with businesses, and if asked, to provide assistance to prevent cyber theft.  The proposal would also require that companies most critical to national security and economic prosperity improve their cybersecurity defenses.  

There is now strong bipartisan consensus in Congress for cybersecurity reform.  A report issued last fall by a House Republican task force recommended many of the concepts that the president had proposed to Congress.  Indeed, one specific reason for legislative reform referenced by the House GOP was the need to prevent information from being stolen from business databases.

The Senate has also shown a willingness to tackle this issue.  Sens. Joe Lieberman (I-Conn.), Susan Collins (R-Maine), Jay Rockefeller (D-W.Va.) and Diane Feinstein (D-Calif.) have introduced legislation that would provide new authorities for information sharing and voluntary government assistance, while also requiring the companies that the nation relies upon for its security and prosperity to implement cybersecurity defenses.  Both sides of the aisle should work together to pass meaningful legislation as quickly as possible.

We need congressional leaders to follow through without delay to address this issue of national consequence.  The administration has provided Congress with its vision for how to protect U.S. ingenuity from cyber theft. But only Congress can grant the government new authorities to help companies with that task.  

The Senate is expected to take up the issue in the coming weeks.  We hope the House will act soon as well.  Each day that passes, more property is stolen from American businesses, eroding our competitiveness and putting workers at risk. It’s now time to modernize our laws and save American jobs.