By Jennifer Martinez and Brendan Sasso - 07/25/13 10:54 PM EDT
Rockefeller is also a member of the Senate Intelligence Committee and said that panel plans to put forward information-sharing legislation that would make it easier for industry and government to share data about cyber threats with each other.
"Acting alone, this committee cannot make all of the changes needed to give our government and businesses the tools they need to make real progress on cybersecurity," the Commerce panel chairman said during his opening statements at the hearing.
Later, Thune said he hoped the Senate Homeland Security and Governmental Affairs Committee would put forward legislation that would update the federal government's computer security standards, known as the Federal Information Security Management Act or FISMA.
Throughout the hearing, Rockefeller hailed NIST's past work on cybersecurity and emphasized that it's "not a regulatory agency."
"It is a scientific laboratory," he said. "With its unrivaled technical expertise and its well-deserved reputation for objectivity, NIST has been working loosely with the private sector for many years to help U.S. companies innovate and compete successfully with their foreign competitors."
Last year the Senate failed twice to pass a comprehensive cybersecurity bill after GOP members blocked its passage, arguing that it would force companies to adopt new regulatory standards.
Rockefeller is taking a different tack this year by passing a small bill that enjoys industry support, which improves its chances to pass the full Senate. The bill also states NIST's cyber framework is voluntary and it's up to companies to decide whether to adopt it.
Testifying before the Commerce panel, NIST Director Patrick Gallagher said the framework attempts to draw heavily from computer security best practices and standards across various industries. The success of the framework hinges on strong participation from industry to adopt its best practices, he said.
"The know-how and the capacity is in industry," Gallagher said.
"Since the goal here is to put this into use, having a standard on the shelf is not going to help anyone," he said. "The more we can rely on good business practices, the better off this will work."
The administration has considered various incentives that would encourage critical infrastructure operators to follow the framework, but Gallagher said NIST's goal for the moment "is to make good cybersecurity ... equivalent to good business practice."
Industry representatives at the hearing praised Rockefeller and Thune's bill, saying it takes the right approach by calling for NIST's framework to be voluntary and industry-led.
"We appreciate your balanced, non-regulatory approach," said Dorothy Coleman, vice president of tax and domestic economic policy at the National Association of Manufacturers.
App privacy guidelines announced: After more than a year of negotiations with business and privacy groups, the National Telecommunications and Information Administration (NTIA) announced a voluntary code of conduct on Thursday for privacy protection on mobile applications.
Under the code, an app should notify consumers about the information it is collecting about them and how it is sharing that information.
App developers and other business groups praised the agreement, saying it will help consumers make informed decisions. But privacy groups said it was only a modest step that shows the need for comprehensive privacy legislation.
Ban on digital taxes introduced: Sens. Ron Wyden (R-Ore.) and John Thune (R-S.D.) introduced legislation on Thursday that would prevent discriminatory or duplicative taxes on digital goods and services, such as online downloads of music, movies and apps.
The senators said their Digital Goods and Services Tax Fairness Act would prevent unfair taxes that threaten the digital economy.
“Federal regulations have not kept up with the fast-growing and ever-changing digital marketplace, resulting in outdated rules that could allow a single transaction to be taxed by multiple jurisdictions,” Thune said in a statement.
IN CASE YOU MISSED IT
Watt announces performance rights bill: Rep. Mel Watt (D-N.C.) plans to introduce a bill before the August recess that would make radio broadcasters compensate musicians and recording artists for playing their songs over the air.
Five charged with massive hacks: The Justice Department charged four Russians and a Ukrainian on Thursday of hacking into major corporate networks and stealing 160 million credit card numbers in the largest-known data breach in history.
Senate panel to vote on media violence bill: The Senate Commerce, Science and Transportation Committee is expected to vote next week on Chairman Jay Rockefeller's (D-W.Va.) bill to study the impact of violent video games and other media on children.
FCC process bills clear subcommittee: The House Energy and Commerce subcommittee on Communications and Technology advanced two bills on Thursday that would overhaul the way the Federal Communications Commission operates.
Democrats allowed the subcommittee to approve the bills on a voice vote on Thursday after Rep. Greg Walden (R-Ore.), the chairman of the subcommittee and author of the legislation, promised to work to address their concerns over the August recess.
Copyright hearing goes 3-D: More than a decade after the file-sharing service Napster went offline, filmmakers, photographers, musicians and other artists are telling lawmakers that compensation and fair use of copyrighted content are still their main challenges.
Follow Hillicon Valley on Twitter: @HilliconValley, @BrendanSasso, @JenMartinez