Microsoft, Other IT Companies Support Cybersecurity Legislation

• Jul 01, 2010

The sponsors of comprehensive, bipartisan, risk-based cybersecurity legislation Wednesday thanked Microsoft Corp. and others for supporting the Protecting Cyberspace as a National Asset Act, S. 3480.

Homeland Security and Governmental Affairs Committee Chairman Joe Lieberman, ID-Conn., Ranking Member Susan Collins, R-Me., and Federal Financial Management Subcommittee Chairman Thomas Carper, D-Del., said they were grateful for the support of notable IT players because it provides momentum as the legislation moves forward.

"Our cybersecurity legislation was crafted with precision and care," Lieberman said. "We did our homework. We consulted with a broad spectrum of stakeholders in the field, and we produced a bill that has broad support within the IT industry and the Internet security community.  That support is testament to the strength of our legislation - and to its collaborative approach toward the private sector. I look forward to working with our Senate colleagues to produce a bill for Congress to pass and the President to sign this year."

Collins said: "To create our comprehensive cybersecurity bill, we devoted significant time to solicit and gather multiple stakeholder views from the private sector and from government. We did so to ensure that our legislation would be as effective as possible. Today, support from these major companies and private sector organizations, which are dominant players on the world cyber stage, illustrates the power of that collaboration. The only way that our nation can defend against a debilitating cyber attack is for the private sector and the federal government to work together, in tandem, against this common and virulent enemy. As our bill notes in its title, cyberspace is a national asset, linked to so many critical aspects of daily life in America. We must guard it as such, and that stewardship will require all hands on desk. Our bill creates a true partnership designed to find solutions to the ongoing threat of a national cyber assault."

Carper said: "There's a principle that I have strived to follow since my early days in the House of Representatives and as Governor of the great state of Delaware: 'the government should steer the boat, not row the boat.' That statement is as true today, as it was when I entered government some 30 odd years ago. And it's especially relevant on an issue like cybersecurity which touches every facet of our modern-day society. I want to thank our supporters for taking the time to meet with me and my colleagues over the past few years as we developed this critically important piece of legislation. And to those who are still on the fence with supporting our bill -- or perhaps don't agree with any of it - we still welcome your thoughts, ideas, and participation as we strive to ensure that Congress does it's part to protect one of America's most precious resources, cyberspace."

In a letter to  Lieberman, Collins and Carper, Microsoft managing director for governmental affairs Fred Humphries said: "Your bill, the Protecting Cyberspace as a National Asset Act of 2010 (S. 3480), demonstrates a deep understanding of the challenges that the nation faces in cyberspace, and provides a much needed structure and process to address those issues… If enacted, S. 3480 will help to strengthen the appropriate roles of government in building and implementing a national strategy and also in protecting its own enterprise. We strongly support the intended outcomes of this legislation and key provisions it offers to advance cyber security."

Other industry players have also had positive reaction to the bill:

Verizon Communications Chief Network Security Officer Sara Santarelli said: "Unfunded regulatory mandates and command-and-control type governance must be avoided. The most effective approach, which appears to be the direction that this bill is taking, is a public-private partnership where government provides assistance and expertise to the private sector, coupled with incentives like confidentiality and liability protection to encourage the private sector to implement desired activities and with freedom to take decisive actions."

EMC Corporation and RSA, the Security Division of EMC, Executive Vice President Art Coviello and Chief Security Officer Dave Martin said in a letter: "We thank you for crafting a comprehensive bill that incorporates a risk-based approach to protecting information infrastructure in both the public and private sectors. S. 3480 includes provisions to elevate cyber security in organizations and to enable risk managers in the federal government and covered critical infrastructure sectors, to effectively assess, address, and mitigate cyber security risks to their organizations. We believe that this is the right approach."

Symantec Executive Vice President & Chief Technology Officer Mark Bregman said: "Symantec would like to convey our support for the Protecting Cyberspace as a National Asset Act of 2010. This important legislation will enhance and modernize our nation's overall cybersecurity posture in order to safeguard our critical infrastructure from attack. The bill also importantly recognizes cybersecurity as a shared government and private sector responsibility which requires a coordinated strategy to detect, report and mitigate cyber incidents. We look forward to working with the Committee to help advance this important legislation."

Karen Evans, Former Administrator for E-Government and IT, Office of Management and Budget: "I am really excited about the introduction of this legislation especially as it relates to strengthening the authorities of DHS. It is necessary for the Director of the National Center for Cybersecurity and Communications to have the appropriate authorities to really make a difference and improve the security posture of the federal agencies and critical infrastructure and this bill does exactly that. I am especially excited with the inclusion of the workforce provisions such as the establishment of the cyber talent competitions and challenges. By addressing all aspects of the cybersecurity issue, the passage of this bill will really make a difference in reducing the overall risk to our federal agencies and critical infrastructure."