Incentives to encourage Internet industry stakeholders to participate in a voluntary cybersecurity framework agreement being developed by the Department of Homeland Security (DHS) and the National Institute of Standards and Technology (NIST) to reduce cyber risks to the United States’ critical infrastructure should be a key component of the nation’s cybersecurity policy, USTelecom said in comments filed with the United States Department of Commerce through the National Telecommunications and Information Administration (NTIA).
In its comments, USTelecom noted that its members already have market-based incentives to maintain robust cybersecurity safeguards for its infrastructure because their business models are dependent on having a secure, resilient, always on and reliable network.
And it is critical that the final agreement developed by DHS and NIST does not turn into a de facto government mandates, USTelecom said.
“A rigid, top down, checklist or regulatory approach will have little value and applicability in an environment with emerging cyberthreats and runs the risk of distorting the marketplace by driving the private sector towards inefficient, rote checklists that could make us less secure," USTelecom added.
Among the recommendations USTelecom said that should be considered while developing the framework agreement to encourage industry participation includes:
• Cost-benefit analyses of rules in the agreement
• Safe harbor laws for firms that participate in the agreement
• Incentives that support innovative ways to combat cyberthreats
• Increased information sharing among industry stakeholders
• Targeted tax incentives, subsidies and grants
To read the comments, click here.