Rogers and Ruppersberger: Private Sector Key to Combating Cyber Threats
Few innovations have transformed humankind like the Internet. What began as a Department of Defense research project has morphed into a global system of interconnected networks making us more connected, more informed and more efficient. We pay our bills, get directions, seek out information, connect with our loved ones and put to use countless other new and vital applications. But all of these life-changing tools are at risk because the Internet is under attack.
Rampant industrial espionage is costing American jobs and billions of dollars, and the United States has simply ignored this problem for too long. Foreign states such as China and Russia are investing major resources to attack our job producers every day in an attempt literally to steal our way of life.
After a year of investigating the nature of the threat, we have discovered that the solution does not lie with government but with the private sector. That’s why we introduced bipartisan legislation in Congress that provides authority to private-sector entities to defend their own networks and those of their corporate customers and to share cyber threat information with others in the private sector, as well as with the federal government on a purely voluntary basis.
By permitting the private sector to expand its own cyber defense efforts and to employ classified information to protect systems and networks, this legislation will enhance cybersecurity and better protect the systems and networks we all rely on without costing the taxpayers a dime.
We are proud of this legislation in large part because it was drafted through an open and transparent process, with the input of more than 100 private-sector companies, trade groups, privacy and civil liberties advocates, as well as the executive branch. As a result, the bill enjoys support from virtually every sector of the economy. We wanted to get it right, and we believe we have succeeded in crafting a narrow, carefully tailored bill that will protect our resources and infrastructure while also protecting Americans’ privacy rights.
Strong protections are included in the bill to ensure that private information remains private. The bill strictly limits the government. It cannot demand any cyber threat information from the private sector or withhold government intelligence to force the private sector to share information. Moreover, information shared by the private sector must be protected from disclosure and used only under strict conditions.
Under no circumstances is this legislation an attempt to regulate the Internet. Twitter and Facebook helped the oppressed spur revolutions for freedom from Iran to Egypt to Tunisia. and we support free and open access to these portals. This bill would actually allow companies such as Facebook, which actively supports the measure, to better protect itself (and, as a result, its millions of users).
Strong action must be taken now, as it’s only a matter of time before a catastrophic event destroys trust in the Internet as an engine for economic growth. In the 21st century we must stay in front of technological threats, as well as conventional ones, while respecting privacy and civil liberties and providing the private sector with the information it needs to defend itself.
In the case of cybersecurity, the government can play an important role while it empowers private business to do what it does best: innovate.
Rep. Mike Rogers (R-Mich.) is chairman of the House Intelligence Committee. Dutch Ruppersberger (D-Md.) is the ranking member.