The Secure Times

An online forum of the ABA Section of Antitrust Law's Privacy and Information Security Committee

Sen. Rockefeller Requests Information from Fortune 500 CEOs on Cybersecurity Practices

Leave a comment

On September 19, Sen. Jay Rockefeller (D-WV) sent letters to the CEOs at every Fortune 500 company seeking informtion on their companies’ cybersecurity practices and their concerns with respect to government involvement in protecting critical cyber infrastructure.  Stating that he was "profoundly disappointed" in the Senate’s inability to pass comprehensive cybersecurity legislation in August, Sen. Rockefeller is urging President Obama to address cybersecurity issues through an Executive Order and is asking the CEOs for their views on cybersecurity, which he intends to use in support of future legislation.

Sen. Rockefeller asked the CEOs to respond by October 19, 2012 to the following eight questions:

– Has your company adopted a set of best practices to address its cybersecurity needs?

– If so, how were these cybersecurity practices developed?

– Were they developed by the company solely, or were they developed outside the company? If developed outside the company, please list the institution, association, or entity that developed them.

– When were these cybersecurity practices developed? How frequently have they been updated? Does your company’s board of directors or audit committee keep abreast of developments regarding the development and implementation of these practices?

– Has the federal government played any role, whether advisory or otherwise, in the development of these cybersecurity practices?

– What are your concerns, if any, with a voluntary program that enables the federal government and the private sector to develop, in coordination, best cybersecurity practices for companies to adopt as they so choose, as outlined in the Cybersecurity Act of 2012?

– What are your concerns, if any, with the federal government conducting risk assessments, in coordination with the private sector, to best understand where our nation’s cyber vulnerabilities are, as outlined in the Cybersecurity Act of 2012?

– What are your concerns, if any, with the federal government determining, in coordination with the private sector, the country’s most critical cyber infrastructure, as outlined in the Cybersecurity Act of 2012?

 

A list of companies that received the letter is available here.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s