From breaking news alerts about the latest attack on our nation’s utility grid to news reports about the increasing frequency of cyber-attacks involving personal data, cybersecurity has quickly emerged as a public policy issue in desperate need of action. Because of the national security implications, cybersecurity is an area where the laws and regulatory policy that govern it must keep pace with technological innovation; however, little agreement has been reached among policymakers in Washington, DC.
Numerous bills have been introduced in Congress to address our nation’s vulnerabilities to cyber-threats, including legislation that would improve transparency and information sharing, fund additional research and education, and improve consumers’ ability to be notified when their data has been compromised. However, to date no further action has been taken, and barring a catastrophic cyber-related attack against the U.S., it’s unlikely that lawmakers on Capitol Hill will come together to pass a comprehensive cybersecurity bill in the near future.
In the absence of a legislative solution, President Obama issued an executive order on “Improving Critical Infrastructure Cybersecurity” to launch the Cybersecurity Framework. A public-private sector collaboration, the Cybersecurity Framework is meant to serve as a voluntary how-to-guide for organizations in the critical infrastructure community to better protect themselves against cyber-attacks.
Because venture capital investors invest in companies focused on data, mobile and network security solutions to address online threats, the venture community has been at the forefront of the growing cybersecurity industry and is committed to developing policy solutions to help address our nation’s cybersecurity vulnerabilities.
NVCA members and the entrepreneurs they fund have been instrumental in working with officials from the Department of Homeland Security and Members of Congress to identify where the innovations are occurring as well as share information about how best to prevent or minimize cyber-threats in the future.
While President Obama’s executive order is a good first step, on its own it’s not enough to protect us from the growing threat of cyber-attacks. Only after Congress passes and the president signs a comprehensive cybersecurity bill will we have sufficiently protected ourselves from a growing threat.