J.P. Morgan Chase, Lockheed Martin and Microsoft are among 32 technology, banking and retail companies urging lawmakers to pass legislation that provides legal protection for sharing hacking threats.
Cybersecurity legislation is needed in part because of the rise in online data breaches and thefts, top lawyers for the companies said Monday in a letter to congressional leaders.
“Cyberattacks have accelerated in frequency and sophistication and present a significant risk to our national and economic security,” said the letter also signed by Aetna, Bank of America, American Express and Walgreens Boots Alliance. “There is an urgent need for action to help bolster our country's cybersecurity defenses.”
U.S. lawmakers are renewing efforts to advance cybersecurity legislation, which has been stalled in Congress for four years. Government and industry officials who support legislation think momentum has finally shifted in their favor following recent high-profile hacking attacks on Anthem Inc., Sony Pictures Entertainment and other major companies.
President Barack Obama has submitted a legislative proposal to Congress that would give companies legal protections for sharing threat information as long as they take reasonable steps to remove data that could jeopardize personal privacy.
Sen. Tom Carper, D-Del., introduced a bill last month that essentially mirrors Mr. Obama's proposal. Meanwhile, the top Republican and Democrat on the Senate intelligence panel — Richard Burr of North Carolina and Dianne Feinstein of California — are writing their own version of the bill, which has yet to be introduced.
The companies didn't take sides by advocating for any particular bill in their letter, which was sent to House Speaker John Boehner, Senate Majority Leader Mitch McConnell, Senate Minority Leader Harry Reid and House Minority Leader Nancy Pelosi.
“Government leaders, industry and cybersecurity experts all agree that neither the government nor industry can solve this problem alone,” the letter said. “Rather, a collaborative approach is required to facilitate the real-time identification, detection and mitigation of emerging cyberthreats.”