Cybersecurity

Enhancing the Nation’s Cybersecurity Posture

American businesses face an unprecedented level of attacks in cyberspace that continue to grow in severity, number, and sophistication each year. The nation’s economic security depends on the ability of U.S. companies to effectively defend their networks, safeguard their data, and provide secure and resilient services. Business Roundtable recognizes that effective cybersecurity protection requires a strong partnership between the public and private sectors who together must prioritize cybersecurity policies and initiatives that enable better defense against cyber threats.  

We appreciate the U.S. Government’s support for and prioritization of public-private partnerships for cybersecurity. We are committed to building long-standing and trusted working relationships with government partners to achieve solutions that provide the public and private sectors with the threat intelligence and tools necessary to collaboratively manage sophisticated cybersecurity risks. This partnership must continue to mature to keep pace with the evolving threat landscape and sector-specific needs of companies.

Business Roundtable supports policies that:

Promote the Continued Development of Voluntary, Industry-Led, Risk-Based Cybersecurity Standards

The National Institute of Standards and Technology (NIST) Cybersecurity Framework, a voluntary and flexible cybersecurity risk-management approach, has been heralded by both industry and government alike. Business Roundtable believes that voluntary and flexible risk-based approaches to managing cybersecurity are the most capable of managing threats and vulnerabilities as they continue to evolve. Companies operate in dynamic digital environments and their cybersecurity programs must be designed to accommodate this reality. Prescriptive, one-size-fits all approaches to cybersecurity risk management do not provide companies with the flexibility needed to respond to technological changes and an ever-changing threat landscape.

Business Roundtable promotes use of the NIST Cybersecurity Framework with our member companies and believes that the Framework provides a solid baseline for cybersecurity risk management practices. We also support the formal public-private process that NIST has adopted to evolve the Framework. As the Framework expands into new areas, NIST should continue to draw on expertise from the public and private sectors and consider a diverse array of threats, vulnerabilities, and risks.

Combat Fraud by Building a Trusted and Resilient Digital Identity Ecosystem.

Today, businesses and governments use personal information such as names, emails, passwords, dates of birth, and social security numbers to establish and verify an individual’s identity for access to a wide array of services online. Unfortunately, much of this information is now accessible to bad actors as data breaches continue to expose the personal information of many Americans. As a result, the traditional methods used to verify identities online are no longer reliable to protect against fraudulent transactions.

Recognizing that a secure and resilient identity ecosystem is essential to customer and citizen trust in online services, Business Roundtable supports public and private sector action to significantly redefine and improve our nation’s approach to digital identity. Building a strong foundation for digital identity in the United States will reduce fraud, cybercrime, and data breaches while increasing privacy and security.