Balancing Innovation and Cybersecurity: Turner Hosts National Technology Security Coalition Roundtable
March 2, 2017
As the Trump administration enters its second month in office, it remains unclear what cybersecurity policy and programs will be a priority. Data breaches, foreign hacking and a lack of national cybersecurity standards continue to be a concern from the highest levels of government all the way down to businesses, both large and small.
The National Technology Security Coalition (NTSC), a non-profit, non-partisan organization focused on driving national dialogue around technology security in the U.S., held its inaugural roundtable on Turner’s Techwood Campus in Atlanta to discuss the need for federal data breach disclosure laws, the benefits of legislation for the cybersecurity community and how the U.S. can learn from European Union security and privacy laws.
Pete Chronis, Turner Chief Information Security Officer (CISO), who was appointed to serve on the Board of Directors as a founding board member in September 2016, recently led the roundtable discussion of industry experts from across the country. Senior security leaders and experts from AutoNation, Epsilon, Georgia Institute of Technology, Georgia Lottery, Georgia Pacific, IAC, Ionic Security, McDonald’s, NCR Corporation, Southern Company Gas, Synovus, Technology Association of Georgia, T.E.N., Thompson Hine, WestRock, WorldPay and others gathered to discuss the current landscape and make recommendations to the NTSC about how to improve cybersecurity in the U.S.
Key recommendations included:
- Top information security leaders (CISOs) need a greater voice on Capitol Hill. It’s clear they have been unrepresented too often in past legislative cybersecurity efforts and activities.
- Cybersecurity legislation and regulation are needed despite today’s anti-regulatory climate. The U.S. is behind other industrialized nations and is in dire need of legislation and regulations that help clarify information protection rules. For example, without federal law guiding the way businesses must disclose data breaches, companies must follow numerous state laws with varying requirements, making it more costly and difficult to disclose a breach.
- The U.S. needs to strike a regulatory balance. The EU has crafted cybersecurity legislation and regulations backed by stiff penalties if they are violated. While comprehensive EU protections may fit well in Europe, many believed these standards would be difficult to adopt here in the U.S.
When Chronis was named a founding board member of the NTSC in 2016, he shared his thoughts on the current landscape:
“There are a number of industry groups that lobby the federal government in order to influence information security-related legislation and regulation. They haven’t made significant progress and many worry that new laws and regulations can be extremely costly. But NTSC takes a different approach. We think it’s critical for the federal government to create modern standards that keep companies safe, protect shareholders and provide certainty. This can be done in a way that benefits everyone, and we want to be a part of the solution. And because we represent companies across virtually all industries, we take a big-picture view of the landscape.”
Photo from left to right: Pete Chronis (Turner CISO and Roundtable host), Patrick Gaul (Executive Director of the NTSC), Kimberly Steele (Associate Director of the NTSC), and Larry K. Williams (President and CEO of the NTSC). Photo courtesy of the NTSC.