PoliticalAction.com: Political Action Committee Homepage



Voluntary Cybersecurity Program

The President issued Executive Order 13636, stating that the “cyber threat to critical infrastructure continues to grow and represents one of the most serious national security challenges we must confront.” The Executive Order sets out a number of steps to address this problem, including calling on the Department of Commerce’s National Institute of Standards and Technology (“NIST”) to develop a Cybersecurity Framework (“Framework”) and the Department of Homeland Security (“DHS”) to build a voluntary program (“Program”) “to support the adoption of the Cybersecurity Framework by owners and operators of critical infrastructure and any other interested entities. . .” The Program could include guidance on how to implement the Framework in specific sectors, as well as incentives for companies to align their cybersecurity practices, with the practices and standards specified in the Framework. The President requires DHS, the Department of Commerce (“Commerce”), and the Department of Treasury (“Treasury”) to draft separate reports on incentives to join the Program. The following recommendations are Commerce’s contribution to this analysis of incentives.

* Engage insurance companies in the creation of the Framework
* Study tort liability
* Consider participation in the Program as a criterion for NSTIC Pilot and other Commerce grants
* Offer guidance to federal agencies on compliance with the Framework and participation in federal grant program
* Ensure that the Program links research and development efforts to overcoming real-world challenges
* Identify candidates for regulatory streamlining
* Explore a Fast-Track Patent Pilot for cybersecurity
* Study the use of government procurement considerations
* No further study of the use of tax incentives

Tags: , , , , ,