Online Companies Urged by U.S. to Boost Their Cyber Defenses
The U.S. Commerce Department recommended ways for companies with an online presence to bolster their defenses against cyber attacks as part of an Obama administration strategy on Internet security.
Businesses should develop codes of conduct that reduce their vulnerability to computer attacks and identify government incentives that would encourage the adoption of sound security practices, according to a plan released today by the Commerce Department.
None of the proposal’s recommendations is final, and Commerce plans to solicit industry input during the coming months. Titled “Cybersecurity, Innovation and the Internet Economy,” the plan focuses on establishing industry best practices, creating incentives for improving security, increasing training and awareness, and fostering international collaboration.
“The goal is to focus more cybersecurity attention for the non-critical infrastructure,” Ari Schwartz, an Internet policy adviser at the Commerce Department, said in an interview. “This is a space where we’re saying regulation isn’t needed, but that doesn’t mean these companies are absolved from taking action on cybersecurity.”
Non-Critical Infrastructure
Today’s proposal is part of a broader effort by President Barack Obama to fight cybercrime. On May 12, the administration sent an outline for cybersecurity legislation to House and Senate lawmakers recommending tighter oversight of critical infrastructure, such as power grids and financial networks.
The Commerce plan focuses on businesses that do not qualify as critical infrastructure such as online retailers and social- networking sites.
“Our economy depends on the ability of companies to provide trusted, secure services online,” Commerce Secretary Gary Locke said in a statement. “By increasing the adoption of standards and best practices, we are working with the private sector to promote innovation and business growth, while at the same time better protecting companies and consumers from hackers and cyber theft.”
Business associations applauded the administration’s proposal. “Today’s recommendations will help foster innovation and dynamism in the face of evolving cybersecurity threats,” Robert Holleyman, the president of the Business Software Alliance, a Washington-based industry group that represents software makers including Apple Inc. (AAPL) and Microsoft Corp. (MSFT), said in an e-mail.
Working With Commerce
The Washington-based Software and Information Industry Association, whose members include Adobe Systems Inc. (ADBE) and Salesforce.com Inc. (CRM), welcomed the plan and said it would work with the department to define it, according to an e-mail.
Recent hacker attacks on Sony Corp. (6758), Google Inc. (GOOG) and other corporations have sharpened U.S. government scrutiny of how companies safeguard consumer information and inform consumers about cyber attacks.
In April, Tokyo-based Sony disclosed that its entertainment networks had been targeted by hackers in incidents that exposed account information on 100 million customers and led the company to temporarily close its PlayStation Network. Google said in a June 1 blog post that an attempted hack originating in China targeted Gmail accounts of U.S. government officials, military personnel and journalists.
As the Internet grows, so has the threat of cybersecurity attacks, according to the Commerce Department. The number of Internet malware threats was estimated to have doubled between January 2009 and December 2010, the department said.
In April, the Commerce Department proposed creating an online identification system to improve the security of Internet transactions. The effort seeks to combat online fraud, which last year cost U.S. businesses $37 billion, according to Javelin Strategy & Research, a Pleasanton, California-based research group.
To contact the reporter on this story: Kelly Riddell in Washington at kriddell1@bloomberg.net
To contact the editor responsible for this story: Allan Holmes at aholmes25@bloomberg.net
Rate These Stories
Rate this Page