The U.S. Senate this week may consider S. 754, the Cybersecurity Information Sharing Act of 2015 (CISA), introduced by Sens. Richard Burr (R-NC) and Dianne Feinstein (D-CA). This bipartisan bill was passed out of the Senate Intelligence Committee in the spring by an overwhelming vote of 14-1. The NAM is calling on the Senate to pass this bill that will benefit manufacturers as soon as possible. (continue reading…)
Technology and the deployment of it across the shopfloors and throughout the products of the manufacturing industry has raised cybersecurity to a C-suite priority. Manufacturers know that strong cybersecurity means strong economic security. The NAM has therefore joined more than 45 other industry groups calling for passage of S. 754, the Cybersecurity Information Security Act (CISA) of 2015. (continue reading…)
The U.S. House of Representatives is scheduled to vote today on four separate cybersecurity- related bills. The four pieces of legislation cover a number of issues ranging from improving the Federal cybersecurity workforce to facilitating more sharing of real-time threat information between the public and private sector. The NAM applauds the House for addressing a top priority for all manufacturers but we are still faced with a cold reality – if the Senate does not also act, none of these bills will become law.
The NAM has advocated aggressively for legislation that would increase the ability of the private sector to receive up-to-date information on the ever-present cyberthreat faced by manufacturers. Trade secrets, patents, customer data, and technological innovations are what separate manufacturers in the United States from their competitors. The NAM works on a number of different fronts to help protect this “secret sauce” but a government partner is needed. Federal Agencies have access to information that, if shared with the private sector, can do a great deal to help protect our innovation from bad actors. There has been a lot of talk from Congress about understanding this need, but little action.
Manufacturers place cybersecurity as one of their highest priorities. They are committed to keeping our assets secure and therefore keeping our nation safe. These and many other issues are at the top of the agenda of the NAM D.A.T.A. Center, a venue for NAM members to educate policy makers and the general public to ensure they know the innovative breakthroughs in all aspects of life come from manufacturers. To get involved in the D.A.T.A. Center contact, Brian Raymond, NAM’s Director of Technology and Domestic Economic Policy.
The bills scheduled to be considered today by the House of Representatives are:
H.R. 2952 – The Critical Infrastructure Research and Development Act
H.R. 3107 – The Homeland Security Cybersecurity Boots-on-the-Ground Act
H.R. 3696 – The National Cybersecurity and Critical Infrastructure Protection Act
H.R. 3635 – Safe and Secure Federal Websites Act of 2013
The National Association of Manufacturers (NAM) today joined more than 20 other associations from a diverse set of industries on a letter to White House Cybersecurity Coordinator Michael Daniel. The letter was in response to a May 22 blog by Daniel in which he recognized the important partnership that has to exist between the public and private sector in order to enhance our nation’s cybersecurity.
The NAM has called for legislation to increase the ability to share information between manufacturers and the federal government. This legislation has passed the House and we encourage the Senate to also act. Manufacturers have also actively participated in the development of the NIST Cybersecurity framework and will continue to engage. As the letter states, the NAM agrees with Mr. Daniel that the framework “should remain collaborative, voluntary, and innovative over the long term” and should not lead to a new regulatory regime.
Manufacturers are committed to keeping our assets secure and therefore keeping our nation safe. The letter captures many of the initiatives already underway across many industries to educate companies on the latest cybersecurity tools and trends. The NAM’s D.A.T.A. Center is highlighted in the letter as one of the innovative ways manufacturers are working together on the issue of cybersecurity and our other technology priorities.
The NAM and our members continue to remain vigilant against the persistent cyberthreat in today’s connected world. We are pleased to see the White House make these public statements that the want to partner with us in these efforts.
One year ago, President Obama issued an Executive Order on cybersecurity tasking the National Institute of Standards and Technology (NIST) to coordinate meetings with the private sector and produce a cybersecurity “framework” for owners and operators of critical infrastructure. The final version of that framework was released today after much input by all segments of manufacturing.
NIST held a series of workshops around the country and solicited feedback from the private sector on how best the government can partner with owners and operators of critical infrastructure to create this framework. They sought input on technology, standards, and implementation among other issues. The result is a 40+ page document that includes recommended activities and best practices to help secure networks and data in critical infrastructure sectors. The framework also provides “profiles” and “tiers” aimed at assisting organizations benchmark their current cybersecurity practices.
This framework and the related policy debate matter to all manufacturers because we are the owners, operators, and builders of critical infrastructure. Because of this all NAM members take cybersecurity very seriously and they welcomed the opportunity to work with the Administration on this important effort. Manufacturers understand that our economic security is linked directly to our cybersecurity. As the President rightly said in his statement issued today on the framework, “our economy is harmed by the theft of our intellectual property”. This is the reason that manufacturers go to great lengths to secure their enterprise and we were pleased to see many of our current best practices included in the framework.
As manufacturers and policymakers examine the framework, the NAM continues to stress that it must remain voluntary. Any attempt to turn these guidelines into mandatory regulations will have the opposite effect of enhancing cybersecurity. As the NAM has said numerous times to the Administration and Congress, the best way to increase cybersecurity of our critical infrastructure is to pass legislation that allows for the sharing of information between the public and private sector without the threat of liability for doing so.
The NAM looks forward to continuing our work with the Administration and Capitol Hill on this top priority for manufacturers.
Today was a big win for manufacturers in the House of Representatives. In recent years, cybersecurity has become more and more of a focus for manufacturers who operate networks featuring comprehensive and collaborative networks between customers, vendors, suppliers and governments. As the threat of online attacks grows, manufacturers have implemented the most complete security possible to protect those networks – but current law doesn’t offer the full protection manufacturers need. But with today’s passage of the Cyber Intelligence Sharing and Protection Act (CISPA) of 2013 (H.R. 624) we’re a lot closer.
“Manufacturers take any intrusion seriously, but the problem is that we can’t get any information from the government about what those threats are,” said NAM Director of Technology and Domestic Economic Policy Brian Raymond. “CISPA fixes the problem by creating a stronger partnership among the Department of Homeland Security, the intelligence community and manufacturers, allowing them to collaborate when credible threats arise.”
Marlin Steel, led by President Drew Greenblatt, an NAM executive committee member, takes a strong stance against cyber crime, noting, “if greater information-sharing can help find and prosecute someone using the Internet to commit a crime, it is a line worth shifting.”
The House voted 288-127 to pass the bill – with significant and widespread bipartisan support. Support for CISPA is strong and growing. Which makes the President’s threat of a veto perplexing at best. This is a solution that delivers the necessary protections and information sharing without adding duplicative regulations that fail to improve security. CISPA will allow manufacturers to take an increasingly proactive, rather than a reactive, approach to threats.
As the NAM Technology Subcommittee Chair, Eric Fitzgerald Reed, said, “Cybersecurity will play a significant role in defining the future of the Internet and business in the 21st century, so it is natural that the manufacturing and high-tech communities strongly support the CISPA legislation.”
It’s time for the Senate and the President to take the baton and put into law the protections that manufacturers need to counter the growing cyber threats in an online world.
It’s hard to avoid the issue of cybersecurity these days. Everywhere you turn there seems to be another story about hacking, theft of intellectual property, and other activity ranging from disruptive to sinister. As a result, the number of proposed solutions now seem to equal the number of press articles. At the NAM we think it is time to stop talking and take action.
The NAM has lent its support once again to a bill recently introduced in the House of Representatives that would allow companies to share cyberthreat information with the government, and vice versa, as well as with other companies. The Cyber Intelligence Sharing and Protection Act (H.R. 624) is a bipartisan bill championed by the leaders of the House Permanent Select Committee on Intelligence, Chairman Mike Rogers (R-MI) and Ranking Member Dutch Ruppersberger (D-MD). The NAM has repeatedly said to the Hill and the White House that if manufacturers are allowed to share information – and have liability protection when they do – the cybersecurity of our critical infrastructure can be significantly enhanced.
The White House has also weighed in on this issue. President Obama raised the importance of cybersecurity and protecting our nation’s intellectual property in his State of the Union address. The day after that speech he issued an Executive Order on cybersecurity. While we are encouraged that the issue of cybersecurity is a priority for this Administration the Executive Order lacks the incentives and liability protection for manufacturers that legislation like The Cyber Intelligence Sharing and Protection Act would provide.
The economic and national security of our nation is the NAM’s highest priority. Manufacturers need timely, reliable, and actionable cyber information so their businesses can address the threats quickly and move on to what they do best and what matters most – making America strong. Let’s stop talking about cybersecurity and pass a bipartisan bill that will help manufacturers.
A number of Senators – led by Sen. Hutchison (R-TX) and Sen. McCain (R-AZ) – introduced an updated version of their Strengthening and Enhancing Cybersecurity by Using Research, Education, Information, and Technology Act or “SECURE IT” Act today. This new bill makes important changes to address the privacy concerns that have been raised during both the House and Senate debate. It also clarifies the legislation to ensure it does not place unnecessary reporting and regulatory requirements on manufacturers.
This bill will help facilitate the sharing of information between the public and private sector – a tool manufacturers do not have now and have told Congress it should be the highest priority if cybersecurity legislation is to help protect critical infrastructure. It does not increase the cost or regulatory burden on companies. This means manufacturers can have the flexibility to continue to drive research and engineering that will push cybersecurity innovation and improvement faster than any government mandated standard.
The NAM supports this updated legislation and continues to call on the Senate to move the debate forward and pass legislation that helps to increase the readiness level of our nation’s critical assets against cyberthreats.
The NAM-supported Cyber Intelligence Sharing and Protection Act (H.R. 3523) recently passed the U.S. House of Representatives with strong bipartisan support. This bill is the first step toward better securing our nation and our economy from emerging threats in cyberspace. The focus now shifts to the Senate which has signaled it will take up cyber legislation later this month.
Manufacturers supported this legislation because it would permit the public and private sector to share cyber threat intelligence with each other. As owners and operators of the vast majority of our country’s critical infrastructure, manufacturers are sometimes the first line of cyber-defense in today’s interconnected world. If able to provide and receive intelligence – while vigorously protecting the privacy of their customers, suppliers, and employees – the private sector will be better able to protect itself from those with malicious intent.
What this legislation does not do is create a new bureaucracy or a regulatory regime. It does not give the government any ability to monitor or censor private networks. In fact, no new authority is granted to the government. That includes the intelligence community, the Department of Defense, and the National Security Agency. Most importantly, company participation is completely voluntary with no entity required to participate or share information.
There is broad support across the business community for this NAM-endorsed approach. The Senate now has an opportunity to send a bill to the President for his signature. Manufacturers know that our economic security is directly related to our cybersecurity. It is time for the Senate to act on legislation that will strengthen our nation’s cybersecurity and not create a new and unnecessary regulatory burden.
As part of what is being called “Cyber Week” by House Leadership, the chamber is scheduled to vote on four cybersecurity bills Thursday and Friday. The NAM sent a letter to Capitol Hill this morning in support of all the bills. Why do we support efforts to strengthen the cybersecurity of our nation? We tell House Leaders this in our letter:
Manufacturers through their comprehensive and connected relationships with customers, vendors, suppliers, and governments are entrusted with vast amounts of data. They hold the responsibility of securing this data, the networks on which it runs, and the facilities and machinery they control at the highest priority level. Manufacturers know the economic security of the United States is directly related to our cybersecurity.
Since manufacturers build and own the U.S. cyberinfrastructure and ecosystem, the NAM has been advocating aggressively for common-sense legislation that removes the barriers that prevent the public and private sector from sharing cyberthreat information. The Cyber Intelligence Sharing and Protection Act (H.R. 3523), one of the bills being considered this week, helps to solve this problem.
The NAM has also called for improving how the Federal government coordinates its cybersecurity R&D efforts as well as the importance of a highly-skilled Federal cyber-workforce. The other three bills on the calendar address these issues important to manufacturers.
We applaud the bipartisan efforts in the House to get these bills to the floor. We are looking forward to a full debate in the Senate which is likely coming soon!