Cybersecurity underpins our entire online experience, such as online banking, social networking, picture sharing, e-health, and numerous government services. Cybersecurity protects the integrity of and accessibility to these and other systems and applications. Access and trust are not just essential to our online world, but also to our economic growth.
Determined cyber criminals, from individuals to rogue nations, have proved they can overcome even the world’s most sophisticated security organizations. They hit their targets repeatedly, trying variation after variation, until they succeed. The result has been an explosion of cyber intrusions: The volume increased by 93 percent from 2009 to 2010, and continues to escalate.
We need smarter defenses centered on private-public sector collaboration. Our adversaries use the speed and availability of information on the Internet to their advantage, and we need to do the same. We need to share and examine actionable data in real time – company-to-company, company-to-government, and government-to-company. Security teams need the ability to recognize dangers, isolate compromised systems, protect information, and render these intrusions harmless.
None of us wants Big Brother to take and abuse data. Similarly, none of us want Big Hackers to steal our personal data and make the Internet less secure. That’s why we need a cyber threat information sharing system that protects people in two ways: First, from cyber crime; second, from government abuse.
The bipartisan Rogers-Ruppersberger bill advances both protection goals: It establishes an effective cyber threat information-sharing structure, while safeguarding individual privacy. Specifically, under this legislation, all information sharing is voluntary and companies can place tough restrictions on how data can be used and who can use it.
This is a measured approach that will better protect people and the systems we rely on from cyber threats. It will protect the fundamental relationship between Internet users and the companies that provide them online access and services. User experience and history, transactions, and personal information will be better safeguarded, providing more personal security online – not jeopardizing it.
Americans are spending more than seven hours, on average, each day online, whether on their computer, smartphone, tablet, or other device. Such connectivity improves our productivity and enhances our lives. It also leaves us more vulnerable to cybercrime, increasing the need for strong, responsive cybersecurity.
As an industry that invests considerable resources to manage cybersecurity risks and protect personal data, the tech sector believes Congress can best build on these investments by passing a cybersecurity plan that would allow for better security of government information systems, effective cybercrime enforcement and tough penalties, and robust public-private cyber research and development. But, at the heart of any fast, flexible, adaptive cyber defense is improved cyber threat information sharing. It would protect our country, and each of us.
Garfield is the president and CEO of the Information Technology Industry Council, the premier advocate and thought leader for the world's leading information and communications technology companies. Mehlman is the executive director of the Technology CEO Council and served as Assistant Secretary of Commerce for Technology Policy from 2001-2003.