Rockefeller asks Fortune 500 CEOs to weigh in on cybersecurity debate

Sen. Jay Rockefeller (D-W.Va.) on Wednesday sent letters to every CEO of Fortune’s top 500 companies — including Apple, Cisco, Amazon, Oracle and Google — asking them to outline what measures their companies have in place to protect their computer systems from cyberattacks. 

Rockefeller said he wanted to hear the chief executives’ views “without the filter of Beltway lobbyists” and argued that a cybersecurity bill by Sen. Joe Lieberman (I-Conn.) was filibustered last month “largely due to opposition from a handful of business lobbying groups and trade associations, most notably the United States Chamber of Commerce.”

“I would be surprised to learn that many other American companies, most of which recognize that what is good for their bottom lines is also good for the country’s national and economic security, are as intransigently opposed to our cybersecurity legislative efforts as the Chamber of Commerce has indicated they are,” Rockefeller wrote.

He provided a set of eight questions for the CEOs to answer by Oct. 19. Among the questions, Rockefeller asked what best practices the companies have in place to protect their computer systems and networks, if a company or government helped the company craft these best practices and whether the security measures have been updated.

{mosads}But he also asked the chief executives to state their views on Lieberman’s Cybersecurity Act, including listing concerns they have with a voluntary program established in the bill that would enable the government and industry to work together to develop cybersecurity best practices. Companies would then choose whether to meet them.

Senate Republicans have argued that the voluntary security standards would serve as a backdoor for regulatory agencies to adopt burdensome new rules for businesses to follow.

Rockefeller was a co-sponsor of the Lieberman bill and has continued to push for the government to beef up the nation’s cybersecurity after Senate Republicans blocked the Cybersecurity Act last month. He sent a letter to the White House urging President Obama to issue an executive order that would establish a voluntary program in which companies operating critical infrastructure would make sure their computer systems and networks meet a set of security standards.

In his letter to the CEOs, Rockefeller included statements from National Security Agency Director Keith Alexander and Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, that called on Congress to act now and pass legislation that would protect the country from the growing cyberthreat.   

“Yet for some reason I do not understand, the Chamber of Commerce and other business lobbying groups opposed our plan to create a voluntary program that would empower the private sector to collaborate with the federal government to develop dynamic and adaptable voluntary cybersecurity practices for companies to implement as they see fit,” Rockefeller wrote.

“This private sector-led approach strikes me as one that companies would want to have codified in statute, rather than risking reactive and overly prescriptive legislation following a cyber disaster,” he added.