Thomas J. Donohue Thomas J. Donohue
Advisor and Former Chief Executive Officer, U.S. Chamber of Commerce


October 16, 2017


Businesses face an endless list of potential cyber enemies, ranging from financially motivated thieves to consumer data robbers to malicious state actors. Massive data breaches have underscored the ongoing threat to businesses, consumers, and national security alike. Protecting sensitive, personally identifiable information from theft or illegal uses must be a top priority for all stakeholders, which is why the U.S. Chamber of Commerce has long been an advocate for a strong cyber defense partnership between government and industry.

The Chamber was encouraged when President Trump signed an executive order earlier this year emphasizing the importance of further strengthening public-private partnerships. While more remains to be done, the business community continues to work closely with the administration to promote real-time information sharing and streamline the bureaucratic hurdles that impede private sector security efforts.

Currently, companies face a cumbersome patchwork of federal and state regulations regarding cyber defenses and notification policies in the event of a breach. We need a truly uniform federal standard for breach notification that is consistent with the best approaches in state law. To be workable and effective, any such legislation must recognize that both consumers and businesses are victims of crimes that give rise to a data breach.

Any business of any size can be a victim. The most recent Small Business Index released by the Chamber and MetLife found that almost 60% of small business owners are concerned about cybersecurity threats. And for good reason: Data show that 44% of small businesses have been hit by a cyberattack, with an average cost of around $9,000 per incident. Further, nearly 59% of companies do not have a contingency plan on how to deal with a data breach.

Awareness, education, and public-private partnerships can help all businesses improve their security. October is National Cybersecurity Awareness Month, and on October 4 the Chamber hosted itsSixth Annual Cybersecurity Summit. The summit brought together leaders from the public and private sectors to discuss challenges and strategies for presenting a united defense. And the Chamber’s ongoing Cybersecurity Education and Awareness campaign educates companies about cyber threats.

Government leaders must prioritize thoughtful and supportive solutions, and all businesses should work with law enforcement agencies and adopt basic cybersecurity fundamentals to reduce network weaknesses. This is a matter of enormous importance for consumers and the overall health of our economy. Protection of businesses’ digital assets ensures the free flow of commerce and information, which is critical to driving economic growth.

About the authors

Thomas J. Donohue

Thomas J. Donohue

Thomas J. Donohue is advisor and former chief executive officer of the U.S. Chamber of Commerce.

Read more