BRT Letter to House on Mission Critical: A Public-Private Strategy for Effective Cybersecurity

April 20, 2012

The Honorable John Boehner

Speaker, United States

House of Representatives

Washington, DC 20515

The Honorable Nancy Pelosi

Minority Leader, United States

House of Representatives

Washington, DC 20515

Dear Mr. Speaker and Leader Pelosi:

Thank you for working to address the growing national challenge of cybersecurity. Cyber threats to our national security and our economy continue to grow and call for an appropriate and meaningful Federal government role.

Business Roundtable is an association of chief executive officers of leading U.S. companies with over $6 trillion in annual revenues and more than 14 million employees. Our cybersecurity policy, Mission Critical: A Public-Private Strategy for Effective Cybersecurity, calls for a more modern, flexible, and collaborative approach for safeguarding America’s economic and national security assets from cyber threats.

Specifically, Business Roundtable supports policies that are:

• Scalable, Flexible, Risk Based, and Customized by Sector – The speed associated with cyber threats cannot be addressed through “check-the-box” compliance regimes, which could actually weaken the deployment of innovative solutions. In this environment especially, innovation is essential and blanket regulatory approaches would almost certainly be less effective.

• Collaborative, Proactive, and Responsive – The strengths of industry and government should be employed in a meaningful public/private partnership to place a priority on prevention, detection, response, and recovery measures, not on government punishment of responsible companies that have been victimized.

• Globally Replicable – Given the global nature of cybersecurity, standards to address cyber threats should be consistent across all countries.

In December 2011, Business Roundtable formally endorsed H.R. 3523, the Cyber Intelligence Sharing and Protection Act of 2011, bipartisan legislation introduced by Representatives Rogers and Ruppersberger. In our view, H.R. 3523 embodies the principles above and represents an important step in creating a framework for the effective sharing of cybersecurity information. Business Roundtable is encouraged that this approach could lead to the integration of the full resources of the U.S. government, including defense; intelligence; homeland security; and diplomatic, economic, and trade assets. Because this legislation represents an essential component to a more robust and responsive cybersecurity infrastructure, we urge its passage.

As you and your colleagues prepare for “Cyber Week” beginning on Monday, April 23, we believe it is important to guide policy actions and discussions away from new burdensome regulatory requirements and toward a secure and innovative environment on-line for all Americans. Accordingly, we encourage prompt review and careful consideration of all cybersecurity proposals in the House.

There should be no Republican approach or Democratic approach to cybersecurity – these threats demand bipartisan, consensus-driven solutions. Urgent action is needed to establish a framework that responds to current and future cybersecurity threats. For your information, I have attached a copy of Mission Critical: A Public-Private Strategy for Effective Cybersecurity.

Business Roundtable stands ready to work with you to improve our nation’s cybersecurity protections.


Ajay Banga

President and CEO, MasterCard Worldwide

Chair, Information and Technology Committee, Business Roundtable


C: Members of the United States House of Representatives