Business Roundtable CEOs support sound public policy to defeat COVID-19, create American jobs and restore U.S. economic growth and competitiveness.
LEARN MORE

Cybersecurity

Enhancing the Nation’s Cybersecurity Posture

The United States is engaged in an ongoing and escalating struggle against persistent, agile and well-funded cyber adversaries. To succeed in this fight, the federal government needs to improve its defenses against sophisticated and determined cyber threats with a coordinated, multilayered and cutting-edge cyber defense strategy. Significant investments in updating and securing federal government networks to prevent, detect, mitigate and remediate cyber intrusions are a key component of a successful strategy, as well as investments in a robust and active partnership with the private sector to ensure a resilient and adaptive defense of critical infrastructure and government systems. To that end, the federal government should enhance collaboration between the public and private sectors to detect, deter and respond to malicious activity in cyberspace. The Administration should renew its cyber deterrence frameworks and leadership of global efforts to combat cyber threats. 

Promote the Continued Development of Voluntary, Industry-Led, Risk-Based Cybersecurity Standards

The National Institute of Standards and Technology (NIST) Cybersecurity Framework, a voluntary and flexible cybersecurity risk-management approach, has been heralded by both industry and government alike. Business Roundtable believes that voluntary and flexible risk-based approaches to managing cybersecurity are the most capable of managing threats and vulnerabilities as they continue to evolve. Companies operate in dynamic digital environments and their cybersecurity programs must be designed to accommodate this reality. Prescriptive, one-size-fits all approaches to cybersecurity risk management do not provide companies with the flexibility needed to respond to technological changes and an ever-changing threat landscape.

Business Roundtable promotes use of the NIST Cybersecurity Framework with our member companies and believes that the Framework provides a solid baseline for cybersecurity risk management practices. We also support the formal public-private process that NIST has adopted to evolve the Framework. As the Framework expands into new areas, NIST should continue to draw on expertise from the public and private sectors and consider a diverse array of threats, vulnerabilities, and risks.

Combat Fraud by Building a Trusted and Resilient Digital Identity Ecosystem.

Today, businesses and governments use personal information such as names, emails, passwords, dates of birth, and social security numbers to establish and verify an individual’s identity for access to a wide array of services online. Unfortunately, much of this information is now accessible to bad actors as data breaches continue to expose the personal information of many Americans. As a result, the traditional methods used to verify identities online are no longer reliable to protect against fraudulent transactions.

Recognizing that a secure and resilient identity ecosystem is essential to customer and citizen trust in online services, Business Roundtable supports public and private sector action to significantly redefine and improve our nation’s approach to digital identity. Building a strong foundation for digital identity in the United States will reduce fraud, cybercrime, and data breaches while increasing privacy and security.