Proposed White House Cybersecurity Incentives Could Pay Off

Cyber threats are real and they’re on the rise. In this climate, the White House is considering certain incentives for companies that follow government recommended cybersecurity measures.

While the Cyber Intelligence Sharing and Protection Act (CISPA) passed the House in April, the Obama administration’s cybersecurity program is only just taking shape, and its tentative concepts were recently unveiled.

Cybersecurity Program

According to Politico, the program appears to include the following currently proposed features:

  • A cybersecurity insurance framework that would embrace new standards that in turn could allow the emerging insurance marketplace to develop more uniform insurance underwriting;
  • The possibility of liability protections for critical infrastructure owners and operators (apparently, the Obama administration presently is studying this issue, which was controversial when previously considered by Congress);
  • Technical assistance for critical infrastructure owners and operators;
  • Special priority for specific grants for power plants, water systems, and other sectors;
  • The possibility of federal research money for technology that enables the new cybersecurity standards;
  • The potential for utilities to recover amounts they spend on cybersecurity investments; and
  • The creation of a cybersecurity branding seal-of-approval.

It is important to keep in mind that the foregoing list is still under development and is evolving. Moreover, the cybersecurity standards benchmark for an entity to qualify for government-backed incentives has not yet been clearly defined.

Incentive-Based Standards

The current thinking is that the cybersecurity program, previewed in President Obama’s 2013 State of the Union address, would be purely voluntary. Thus, the cybersecurity standards would not be shoved down the throat of any entity; rather, those entities interested in government incentives would decide whether or not to follow the government’s cybersecurity standards.

Interestingly, the current list of incentives does not include tax benefits.

Please stay tuned as the White House moves forward with its cybersecurity program.

Eric Sinrod is a partner in the San Francisco office of Duane Morris LLP, where he focuses on litigation matters of various types, including information technology and intellectual property disputes. You can read his professional biography here. To receive a weekly email link to Mr. Sinrod’s columns, please email him at ejsinrod@duanemorris.com with Subscribe in the Subject line. This column is prepared and published for informational purposes only and should not be construed as legal advice. The views expressed in this column are those of the author and do not necessarily reflect the views of the author’s law firm or its individual partners.