| WASHINGTON, April 17
WASHINGTON, April 17 U.S. weapons maker Northrop
Grumman Corp on Thursday urged U.S. lawmakers to enact
cybersecurity legislation that would limit the liability of U.S.
companies and enable them to take more decisive action to
protect their computer networks.
"We need to move to a place as a country where the legal
framework matches the technology framework, or even gets within
a decade of the technology framework," Northrop Chief Executive
Wes Bush told Reuters after a speech to the Economic Club.
"It has lagged so terribly today that it causes companies to
be extraordinarily risk averse to doing some of the things that
they really need to do to better protect the infrastructure,"
He said it was critical to enact legislation that would
allow better information sharing between industry and government
on threats to computer networks.
Northrop, which provides cybersecurity equipment and
services to the U.S. Defense Department and other national
security agencies, is participating in industry-wide efforts to
improve cybersecurity and information-sharing, Bush said.
U.S. lawmakers have been contemplating legislation to
provide clarity about how private companies should be required
to disclose security breaches and cyber threats, but
disagreements over liability and other issues have thwarted
passage of any cyber security bills thus far.
High-profile data breaches at companies like Target Corp
and recent revelations of the "Heartbleed" Internet
security flaw have fed debate over who should pay to improve
cybersecurity and how much information should be disclosed.
There are also widespread concerns about possible attacks on
industrial control systems that run U.S. nuclear power plants
and other critical infrastructure.
Fred Schwien, Boeing Co's director of homeland
security programs and strategy, this week said an existing
program for sharing intelligence about cyber threats to the
aviation industry is being expanded into a full-fledged
Information Sharing and Analysis Center (ISAC) later this year.
Schwien told a cyber conference hosted by Kaspersky in San
Francisco that the new body would be modeled on a successful
center focused on financial services, and would be managed by
the Department of Homeland Security.
Schwien said a secure facility was being erected near
National Security Agency headquarters in Fort Meade, Maryland,
that will bring "an unprecedented level of information sharing"
to the industry.
Aviation companies already get classified briefings from the
FBI, Federal Aviation Administration, Department of Homeland
Security, the Office of the Director of National Intelligence,
and the Transportation Security Administration.
(Additional reporting by Joseph Menn in San Francisco; Editing
by David Gregorio)