Government and business should be able to share information in a "trusted, constructive, and actionable manner without creating burdensome regulatory mandates or new bureaucracies." But there must be a "safe harbor" for such sharing, combined with assurances that sharing will not lead to "frivolous lawsuits, would be exempt from public disclosure, and could not be used by officials to regulate other activities."
Public-private partnerships should be encouraged by legislation for purposes of improving cybersecurity readiness, the letter said. Legislation should catalyze research and development, awareness and education, and any other opportunities for collaboration between government and businesses. The letter emphasizes the industry expectation that any House legislation will "serve to complement, not harm, the public-private partnerships existing under the National Infrastructure Protection Plan framework."
Additionally, the House should take the lead in reforming the Federal Information Security Management Act of 2002 in order to "harmonize information security programs across civilian government agencies" and allow government to take advantage of changing technologies. This would let the government "lead by example," the letter said.
Organizations signing the letter include the U.S. Chamber of Commerce, National Association of Manufacturers, TechNet and the Internet Security Alliance, along with 22 others.