ADVERTISEMENT
2 /3 FREE ARTICLES LEFT THIS MONTH Remaining
Chemistry matters. Join us to get the news you need.

If you have an ACS member number, please enter it here so we can link this account to your membership. (optional)

ACS values your privacy. By submitting your information, you are gaining access to C&EN and subscribing to our weekly newsletter. We use the information you provide to make your reading experience better, and we will never sell your data to third party members.

ENJOY UNLIMITED ACCES TO C&EN

Policy

Boosting Cybersecurity

Internet: Chemical industry calls for legislation to combat threat from computer hackers

by Glenn Hess
March 14, 2013 | APPEARED IN VOLUME 91, ISSUE 11

[+]Enlarge
Credit: Senate Homeland Security & Government Affairs Committee
Kepler shares ideas for improving cybersecurity during a March 7 Senate hearing.
09111-notw2-hearingcxd.jpg
Credit: Senate Homeland Security & Government Affairs Committee
Kepler shares ideas for improving cybersecurity during a March 7 Senate hearing.

The nation’s largest chemical maker is urging Congress to give companies immunity from civil and criminal liability on data exchanges that prevent the federal government and the private sector from sharing information about legitimate cyber threats.

“Large companies such as Dow are seeing an increase in the risks we face” from cyber criminals, Dow Chemical’s chief information officer, David E. Kepler, told a joint meeting of two Senate committees on March 7. Chemical companies regularly have to defend against information security threats, including corporate espionage and the theft of intellectual property, he said (C&EN, March 4, page 12). Over the past five years, Congress has struggled to reach consensus on how to boost the nation’s cybersecurity. To help fill the void, President Barack Obama issued an executive order last month that aims to improve communication between the government and private companies and establish voluntary security standards.

But Administration officials acknowledge that there are limits to what they can accomplish without action by Congress. The executive order “does not grant new regulatory authority or establish additional incentives for participation in a voluntary program,” Homeland Security Secretary Janet Napolitano said at the ­hearing.

Napolitano called for legislation that would expand cyber-threat information-sharing capabilities and give U.S. law enforcement agencies new tools to fight crime in the digital age.

Although many companies have developed information security defense strategies as the threat has grown in recent years, Kepler agreed that legislation is necessary to strengthen collaboration between the public and private sectors.

“I think there is a cultural issue with information sharing,” he remarked. “Government doesn’t want to share it, and business doesn’t want to share it. We have to create an environment where we can share key information about these critical threats.”

Cyber information-sharing legislation must include liability protection for businesses that share “early threat or attack information” with the government, Kepler said. Data voluntarily provided by the private sector should also be “adequately protected” from public disclosure through Freedom of Information Act requests, he told the senators.

Kepler pointed out that companies are also reluctant to share information with each other, fearing they will violate antitrust laws.

Advertisement
X

Article:

This article has been sent to the following recipient:

Leave A Comment

*Required to comment