With cybersecurity threats continuing to evolve in complexity and sophistication, our members fully recognize the importance of addressing this growing threat. Protecting the technology that helps run facilities and the valuable information regarding chemical formulas and customer databases from a potential cyber-attack are a primary focus for our industry.
Policy Background
As part of our commitment under the
Responsible Care® Security Code, ACC member companies must assess cybersecurity vulnerabilities, implement security measures to address them and provide appropriate training and guidance to employees on current and emerging threats.
Unlike many other critical infrastructure sectors, the federal government regulates cybersecurity for the chemical sector. Under the
Chemical Facility Anti-Terrorism Standards (CFATS), chemical facilities must meet comprehensive cybersecurity requirements that address the protection of business networks and process control systems.
Beyond CFATS, the chemical sector has also been actively engaged with the federal government as the National Institute of Standards and Technology moves forward with implementing a
cybersecurity framework in response to Executive Order 13650.
Policy Principles:
Congress should pass legislation that fosters the sharing of timely cyber threat information by providing protections related to lawsuits, public disclosure and antitrust concerns, while also guarding privacy and civil liberties.
The federal government must aggressively prosecute cyber crimes and hold those accountable for perpetrating acts intended to cause harm to critical infrastructure operating systems, for stealing intellectual property and trade secrets or for obtaining personal information for financial gain.