Cybersecurity

Enhancing the Nation’s Cybersecurity Posture

Fortify U.S. Cyber Defenses and Trust in Information and Communications Technology Supply Chains

The United States is engaged in an ongoing and escalating struggle against persistent, agile and well-funded cyber adversaries. To succeed in this fight, the federal government needs to improve its defenses against sophisticated and determined cyber threats with a coordinated, multilayered and cutting-edge cyber defense strategy. Significant investments in updating and securing federal government networks to prevent, detect, mitigate and remediate cyber intrusions are a key component of a successful strategy, as well as investments in a robust and active partnership with the private sector to ensure a resilient and adaptive defense of critical infrastructure and government systems. To that end, the federal government should enhance collaboration between the public and private sectors to detect, deter and respond to malicious activity in cyberspace. The Administration should renew its cyber deterrence frameworks and leadership of global efforts to combat cyber threats. 

Enhance Cyber Threat Information Sharing Between the Public and Private Sector

Business Roundtable Applauds DHS Plans for Improved Public-Private Cybersecurity Information Sharing

The planned improvements to the Automated Information Sharing (AIS) program announced by DHS are an important step forward.
BRT, CMN, Business Council of Canada Joint Letter on North American Leaders Summit

A strong North America marketplace is crucial to the long-term prosperity of our countries.
BRT Welcomes Passage of Information Sharing Legislation

We commend Congress for passing critical cybersecurity information sharing legislation.
BRT Applauds Senate for Passing the Cybersecurity Information Sharing Act (CISA)

The final legislation should provide a voluntary and non-regulatory foundation for advancing public and private sector cybersecurity capabilities.

Promote the Continued Development of Voluntary, Industry-Led, Risk-Based Cybersecurity Standards

The National Institute of Standards and Technology (NIST) Cybersecurity Framework, a voluntary and flexible cybersecurity risk-management approach, has been heralded by both industry and government alike. Business Roundtable believes that voluntary and flexible risk-based approaches to managing cybersecurity are the most capable of managing threats and vulnerabilities as they continue to evolve. Companies operate in dynamic digital environments and their cybersecurity programs must be designed to accommodate this reality. Prescriptive, one-size-fits all approaches to cybersecurity risk management do not provide companies with the flexibility needed to respond to technological changes and an ever-changing threat landscape.

Business Roundtable promotes use of the NIST Cybersecurity Framework with our member companies and believes that the Framework provides a solid baseline for cybersecurity risk management practices. We also support the formal public-private process that NIST has adopted to evolve the Framework. As the Framework expands into new areas, NIST should continue to draw on expertise from the public and private sectors and consider a diverse array of threats, vulnerabilities, and risks.

Business Roundtable Comments on Updated Cybersecurity Framework

We believe that NIST’s leadership in developing the voluntary and risk-based Framework has improved our nation’s cybersecurity posture.
Comments on Draft Update of the Framework for Improving Critical Infrastructure Cybersecurity

We believe that a flexible, technology-neutral and risk-based framework developed through active collaboration with industry is the most effective way to strengthen cybersecurity for all sectors of the U.S. economy.
BRT Letter on Enhanced Cyber Risk Management Standards

We believe that a flexible and risk-based framework will result in the most effective outcome for strengthening cybersecurity for all sectors of the economy.
Letter to NY Department of Financial Services on Proposed Cybersecurity Rule

We encourage DFS to bring the Proposal in-line with a risk-based approach and thereby create a model for other states to follow.

Combat Fraud by Building a Trusted and Resilient Digital Identity Ecosystem.

Today, businesses and governments use personal information such as names, emails, passwords, dates of birth, and social security numbers to establish and verify an individual’s identity for access to a wide array of services online. Unfortunately, much of this information is now accessible to bad actors as data breaches continue to expose the personal information of many Americans. As a result, the traditional methods used to verify identities online are no longer reliable to protect against fraudulent transactions.

Recognizing that a secure and resilient identity ecosystem is essential to customer and citizen trust in online services, Business Roundtable supports public and private sector action to significantly redefine and improve our nation’s approach to digital identity. Building a strong foundation for digital identity in the United States will reduce fraud, cybercrime, and data breaches while increasing privacy and security.

Business Roundtable Launches Initiative to Address Digital Identity Policy Challenges

The Business Roundtable is engaging with the broader stakeholder community to provide an actionable roadmap that will significantly redefine and improve our approach to digital identity.

The Latest