For decades, the government and the private sector have been able to work together where security is concerned, and we need to follow that pattern here. We need to work together. Security is not something that shows up on your return on investment. Security is something that just comes out of your cost, but it is a cost of doing business, and it has to be recognized as such, and we have to be able to recognize that those prevention dollars really matter.
And so if you are in an area that represents the critical infrastructure of the country, there is a private and a public responsibility for security. That’s what we are encouraging. That’s what the legislation the president supported this past spring was intended to do: to improve information sharing, and to develop and require best practices among the nation’s core critical infrastructure.
We’ve testified hearing after hearing after hearing. We’ve presented over 100 briefings. But this was unfortunately an area where even though it involves security, we could not find bipartisan agreement, by and large. We are committed to continuing to work for legislation. It would update, it would streamline, the existing authorities we have. We want to work with the Congress on this. But the plain fact of the matter is that if Congress cannot act, then other options will need to be pursued. The matter is simply too serious.