Tech firms and users mush work together to secure cyberspace, says US group

The Business Roundtable (BRT), an association of chief executive officers of leading corporations, is calling on software...

The Business Roundtable (BRT), an association of chief executive officers of leading corporations in the US, is calling on software companies and users to join together to secure cyberspace.

"The BRT released seven core principles that we’re calling our ‘Securing Cyberspace: Business Roundtable's Framework for the Future’," said Marian Hopkins, director of public policy at BRT.

"The objective of the principles is to lay out a balanced approach to attempt to deal with the cybersecurity issue," she said. 

Hopkins said a continuing increase in cyberattacks presents a critical economic and homeland security issue for the country that requires decisive action from all major industries.

"The principles recognise and call upon chief executives to... make this an issue for themselves and for their boards and, at the same time, it calls on IT suppliers to produce and manufacture more secure software and IT products," she said. 

The BRT is also creating a roadmap, or best practices tool kit, to give chief executive officers help in shaping IT or cybersecurity policies or strategies within their companies.

"We want to work with other business groups to advance these goals and work ... with IT community and software manufacturers to try to seriously address the issue of cybersecurity," Hopkins said. 

"We support the package of the principles because it brings everything together in one place. It's the role of the chief executive officer and the role of the board, which to us are critical in the area of information security corporate governance." 

Paul Kurtz, a former White House senior director for national security, said the significance of the BRT’s announcement is that, for the first time, traditional industry in the US is working together and saying information security is an important issue for chief executive officers and boards of directors. 

"The BRT also talks about the importance of shared responsibility - both end users and suppliers doing their part, as well as government playing a role as the facilitator," said Kurtz, now head of the Cyber Security Industry Alliance.

"Traditional industry hasn’t come out strongly about the issue of cybersecurity. So I believe it’s a milestone that we have these very traditional firms such as Federal Express all coming to the table and saying, ‘This is an important issue’." 

A leading trade group agreed that responsibility for the nation’s cybersecurity should be shared. 

"It’s a principle that the business community [and] the IT community agree on," said Mike Waldron, a spokesman for the Information Technology Association of America.

"The IT community has been working hand in glove with the business community to ensure that our systems and consumer data are safe and effective."

Linda Rosencrance writes for Computerworld

Read more on IT risk management