US tax breaks for secure firms?

Congress may offer tax breaks to companies that adopt good cyber-security standards, the chairman of a House of Representatives subcommittee said on Tuesday.

But in legislating cyber security guidelines, lawmakers should avoid heavy-handed regulations, Representative Dan Lungren, a California Republican, said in a lunchtime speech in Washington.

"My fear is if we do that, we'll stifle innovation," he said. "How can we predict what the best way will be [to manage cyber security] in most of these instances?"

Lungren said the US House of Representatives cyber security subcommittee, which he chairs, is working on crafting an "overall view of ways we can work with the private sector" to develop cyber-security tools, including the possibility of creating an incentive based system.

Lawmakers also plan to address liability concerns, he said, as they want to allow companies to take some risks in coming up with new cyber-security tools without having to worry about being sued if they fall short.

Andy Purdy, acting director of the Department of Homeland Security's National Cybersecurity Division, said in a speech that his agency is also working closely with the private sector to equip itself for responding to cyber attacks.

Purdy said he expects Homeland Security secretary Michael Chertoff to announce "in the near future" the appointment of an assistant secretary for cyber security and telecommunications - a position approved by Congress during the spring. That official would be in charge of co-ordinating cyber security efforts among different agencies and research groups, Purdy said.

The agency, which has already flunked a cyber security preparedness test, is also gearing up for a November exercise, dubbed Cyberstorm, intended to give the government a chance to role-play its way through a mock cyber attack.

Anne Broache writes for CNET News.com