Cybersecurity Policy
Intel public policy: How Intel promotes innovation worldwide
Government and industry are concerned that the increasing organization and sophistication of cybersecurity adversaries is leading to more frequent and severe cybersecurity incidents. Security is one of Intel’s three main computing pillars (along with power-efficient performance and connectivity). The company is at the forefront of efforts to improve cybersecurity as both a consumer and developer of cybersecurity technologies, and has invested billions of dollars in security technology. Intel integrates security technology into our products and creates specific cybersecurity hardware and software under our Intel Security brand.
Key Issues
Intel supports cybersecurity and privacy legislation and regulation that will promote trust in Intel products and technology and help governments, businesses, and individuals better secure their networks, intellectual property, and data. To accomplish these goals, we encourage governments to focus on bipartisan consensus approaches to improve cybersecurity and privacy while fostering IT innovation. We have advocated against regulatory approaches to critical infrastructure or supply chains that could impact product design and development and set bad precedents globally. To build sound cybersecurity policy, we ask government to focus on the following:
- Congress should make progress on consensus areas. Intel asks Congress to advance legislation targeting areas of bipartisan consensus: (1) sensibly improving industry and government information sharing in a way that ensures privacy is protected, offers adequate liability protection to business, and promotes continued innovation; (2) promoting cybersecurity research and development (R&D) and workforce development; (3) strengthening the security of government networks through Federal Information Security Management Act (FISMA) reform; (4) strengthening criminal penalties for cybercrimes.
- Congress should support the National Institute of Standards and Technology (NIST) Cybersecurity Framework approach to improving cybersecurity. Intel commends the administration and NIST for constructing the cybersecurity framework hand-in-hand with industry and other stakeholders to build a model of a voluntary, risk-based tool that can be utilized by a broad array of public and private sector organizations.
- Cybersecurity should not provide a rationale for protectionist policies. Intel believes the trustworthiness of technology products should be based on how it is made instead of where it is made. Intel, as a leading global technology company, advocates against legislation that excludes companies from markets based on the company's country of incorporation. Intel is concerned such legislation in the United States might spur legislation elsewhere, which would negatively impact US companies. Any cybersecurity legislation, regulation, standard, or policy should include adequate privacy protections and serve as a useful template for action by other countries.
- Modernizing legislation governing government access to private sector data is necessary to build trust. More needs to be done to increase the trust and confidence in the use of technology. Doing so requires not only private sector innovation, but also government policies that focus on public-private collaboration, and thoughtful deliberation by government, industry, and other impacted stakeholders. Intel supports the Digital Due Process Coalition and modernization of the Electronic Communications Privacy Act, and believes practical reforms to Foreign Intelligence Surveillance Act (FISA) surveillance laws that optimize for national security, individual privacy, and economic security interests can help build trust and serve as a useful guide for other countries.