Entrust president and CEO Bill Conner highlighted the importance of public-private partnerships to share intelligence and inform the public. “The federal government needs to work more closely with the private sector to exchange critical information about the threats that each experiences," Conner told the House Energy and Commerce Committee’s communications and technology subcommittee.
"This kind of situation is persistent, and we have been asking the appropriate agencies to work with us to deter further damaging breaches. Congress needs to direct the government’s intelligence community to work more closely with cybersecurity companies and to share vital information on evolving threats, attack methods, and how to defend. The private sector would also benefit from an education or awareness campaign”, he added.
Phyllis Schneck, McAfee’s chief technology officer, recommended that the federal government provide “positive incentives that can help address some of the fundamental challenges ISPs, telecoms, and other members of the communications ecosystem have.” Schneck suggested imposing limitations on liability for damages as well as for noneconomic losses, cybersecurity competitions and challenges to recruit “talented individuals,” tax incentives, and insurance reforms.
Robert Dix, vice president of government affairs and critical infrastructure with Juniper Networks, testified: “It is imperative that all of us acknowledge that cybersecurity is truly a shared responsibility, and that managing risk will requires a true collaborative approach between government and the private sector. In order for the private industry to be able to prevent and mitigate threats, industry must have access to the threat information that the government possesses.”
Internet Security Alliance chief Larry Clinton suggested Congress “provide the right mix of regulations and incentives. We need a much more contemporary and creative approach wherin the private sector is engaged, not controlled by our government partners.”