Major US firms warn against 'prescriptive, check-the-box approach' to cybersecurity

In a report released this week, the roundtable cautioned that a heavy regulatory hand by the government would be “poorly matched to a rapidly evolving threat environment and the reality of privately owned and operated information assets.”

The roundtable offered recommendations for how the government and private sector can improve their cooperation in addressing the economic and security risks posed by cybersecurity threats. These include integrating the resources of the US government, including defense, intelligence, homeland security, diplomatic, economic and trade assets, to protect US strategic information systems; providing US businesses with the tools to combat global cybersecurity threats; and strengthening criminal penalties and sentencing for cyber crimes.

"We need government to do its part by providing the tools only government can provide – including strategic threat assessments, technical assistance and much more robust public-private information sharing partnerships – to help businesses effectively counter growing threats”, said Ajay Banga, president and chief executive officer of MasterCard Worldwide and roundtable member, in releasing the report.

Perhaps not surprising, the roundtable sounded similar themes to the House Republicans’ cybersecurity task force, which issued its long-awaited cybersecurity report last week. The task force recommended less government regulatory mandates, more incentives to the private sector, and more information sharing with the private sector to improve US cybersecurity.

What’s Hot on Infosecurity Magazine?