Congressman Jim Langevin, member of the House Intelligence Committee and co-founder of Congressional Cybersecurity Caucus, is urging new bipartisan legislation to help American companies prevent intellectual property theft that damages their businesses and the overall economy.
The Cyber Intelligence Sharing and Protection Act of 2011 would remove barriers that prevent the government, including intelligence agencies, and private sector from sharing information about cyber threats.
The Congressman has long pushed for better information sharing and the legislation closely follows recommendations by the CSIS Commission on Cybersecurity for the 44th Presidency, which he co-chaired.
Langevin expressed the need to consider the bill’s impact on civil liberties and also warned that it would be a mistake to view this legislation as sufficient on its own to fully address the many cybersecurity challenges faced by our nation.
“Given the massive, ongoing theft of intellectual property that plagues our defense and civilian corporate sector, this bill is an important first step in strengthening our public private partnership,” said Langevin. “Providing industry with an umbrella of security, backed up by some of the best resources at the government’s disposal, is an elegant solution to fighting some of the most sophisticated threats facing [our nation].
The Cyber Intelligence Sharing and Protection Act of 2011 provides the government authority to share classified cyber threat information with approved American companies and permits participating businesses to share cyber threat information with others in the private sector, while enabling the private sector to share information with the government on a voluntary basis with liability protection.
Langevin told his colleagues that we cannot effectively take on the widespread challenges in cyberspace unless we also take action to protect critical infrastructure with new security standards, improve coordination across government agencies and update outdated information security policies.
Excerpts from the Statement of Congressman Jim Langevin:
“However, while I strongly support the intent of this legislation, I still have very strong privacy concerns that regrettably could not be addressed in the Committee… Moreover, we should not fool ourselves into thinking that this bill alone represents satisfactory progress on cybersecurity. Pushing out information is only one piece of the public-private partnership that the CSIS Commission envisioned, and a number of other elements will be vital to addressing the enormous intellectual property losses experienced by our public and private sectors, as well as the alarming vulnerabilities within our critical infrastructure.”
“Given the massive, ongoing theft of intellectual property that plagues our defense and civilian corporate sector, this bill is an important first step in strengthening our public private partnership. It allows classified threat information to be shared with responsible members of the private sector who can then use it to defend not just themselves but their customers or clients as well. Providing industry with an umbrella of security, backed up by some of the best resources at the government’s disposal, is an elegant solution to fighting some of the most sophisticated threats that Chairman Rogers and Ranking Member Ruppersberger have spoken of today.
“However, while I strongly support the intent of this legislation, I still have very strong privacy concerns that regrettably could not be addressed in the Committee. I commend Chairman Rogers and his staff for working with me and trying to accommodate my concerns, but there is still significant progress that needs to be made to ensure this bill achieves the ends we all desire of raising the bar for security, while still protecting our civil liberties. This bill provides strong new protections for the private sector, but also a potentially huge new market for security products. While this new market will be good for security, it also provides an important opportunity to implement stronger requirements about how companies handle this data and protect the privacy of their customers and our constituents.”
“