The Department of Commerce’s Internet Policy Task Force released a proposal Wednesday calling for a voluntary code of conduct for companies that do business online.
The Report, titled Cybersecurity, Innovation and the Internet Economy, calls for a private-public partnership to promote best
security practices and implement existing security methods into companies that
are, for whatever reason, lagging in their IT security efforts.
The Department of Commerce (DOC) report targets what the DOC calls the “Internet and Information
Innovation Sector (I3S) — loosely defined as firms that are reliant
upon the Internet to do business but which are not part of the critical
infrastructure sector. It lays out key areas for strengthening cybersecurity and preserving
consumer faith in the Internet through which an estimated $10 trillion
dollars in revenue passes each year.
The report calls for efforts in a few key areas: establishing voluntary codes of conduct to minimize cybersecurity vulnerabilities, improving public understanding of cybersecurity vulnerabilities through education and research, and enhancing international collaboration on cybersecurity best practices to support expanded global markets for U.S. products.
The DOC hopes to encourage better cybersecurity practices among businesses in the I3S with perks like less expensive cyber-insurance rates for companies that adhere to codes of online conduct and put the proper security mechanisms in place.
“Our economy depends on the ability of companies to provide trusted, secure services online,” Commerce Secretary Gary Locke is quoted as saying in the release. “As new cybersecurity threats evolve, it’s critical that we develop
policies that better protect businesses and their customers to ensure
the Internet remains an engine for economic growth.”
This report follows recent Obama administration policies and recommendations including their National Strategy for Trusted Identities in Cyberspace and a widely reported on strategy on how to deal with conflicts in cyberspace which established that, in certain situations, the U.S. government reserves the right to defend itself from Web-based attacks with kinetic force. It also echoes recommendations issued last week by the D.C. think tank the Center for a New American Security (CNAS), which called on the government to defend its vital interests online, and set and enforce thresholds that would maintain public confidence in the Internet as a medium of commerce and communication.
You can find the full report here.