An association of politically conservative chief executive officers issued Oct. 11 a position paper critical on some aspects of the White House cybersecurity legislative proposal.

Specifically, the Business Roundtable says a proposed cybersecurity performance standards framework under which the Homeland Security Department would audit private sector operators of critical infrastructure "waste scarce resources."

Such a framework would also likely spur other countries to follow the United States' example and institute their own cybersecurity frameworks, meaning that U.S. companies would have to contend with "increased regulations overseas, adding unnecessarily to the complex burdens associated with doing business" internationally, the paper says.

However, in one respect, the White House's proposal doesn't go far enough, the paper adds--specifically, with criminal penalties for hackers. The White House says hackers convicted of damaging a critical infrastructure computer should get a mandatory minimum 3-year prison sentence--a proposition that's already found skepticism in Congress.

The Business Roundtable says 3 years isn't enough, and mandatory prison sentences should apply to "attacks on all corporate computers, whether critical infrastructure or otherwise."

For more:
- download the Business Roundtable position paper (.pdf)

Related Articles:
Leahy opposes 3-year mandatory minimum for critical infrastructure hacking 
Obama administration not against cybersecurity liability protection, says McConnell 
White House cybersecurity proposal would create disincentives, says industry group head