By Suzanne Kelly
Republican senators are proposing cybersecurity legislation calling for a series of government incentives to make sure that companies comply with security issues.
The bill is meant to counter separate proposed legislation that seeks to designate the Department of Homeland Security as the lead agency for securing the nation's cybersphere infrastructure.
The Republicans have dubbed their bill the SECURE IT Act, or the Strengthening and Enhancing Cybersecurity by Using Research, Education, Information and Technology Act.
"As our nation faces increasing cyberattack in a critical economic environment, we must ensure that the private sector has the authority it needs to defend its own networks and share cyberthreat information to prevent future attacks," said Sen. Saxby Chambliss, R-Georgia, who was one of eight senators introducing the legislation Thursday.
"Now is not the time for Congress to be adding more government, more regulation, and more debt - especially when it is far from clear that any of it will enhance our security," he said.
The act is the Republican answer to a bill introduced by the Senate Homeland Security and Government Affairs committee last month. The Lieberman-Collins bill designates the Department of Homeland Security as the lead government agency to tackle cybersecurity issues, with a particular emphasis on requiring businesses that operate critical infrastructure, such as air traffic control and electrical grids, to prove to the government that they have adequate cybersecurity measures in place to protect them against computer-based attack.
Republican Sen. John McCain scoffed at the legislation when it was introduced and joined Chambliss and the other Republican senators to introduce their version of the bill, which does not designate a lead agency to coordinate the government's efforts to secure cyberspace.
Instead, the act relies on a series of government incentives to make sure that companies comply with security issues.
Leaders of the Senate Homeland Security Committee fought back by urging prompt consideration of the Lieberman-Collins bill - the Cybersecurity Act of 2012, which was introduced in mid-February - reiterating the threat that currently exists.
In an earlier hearing, Sen. Jay Rockefeller, D-West Virginia, used the example of an attack on the air traffic control system to lay out a worst-case scenario for a cyberattack.
"Cyberhackers can take that out," he said. "So the planes are literally flying in the dark and they will fly into each other and kill a lot of people."
Under the Lieberman-Collins bill, the Department of Homeland Security would be responsible for making sure that companies controlling critical infrastructure implement proper safeguards.
Critics who thought the bill didn't go far enough complained that the "self-reporting" was a weak point, but critics like McCain who are proposing even less government involvement argue that it would be a mistake to seat a new cybersecurity department within what he referred to as the "regulatory leviathan at DHS."
The critical need to come up with some kind of plan has been emphasized by officials such as FBI Director Robert Mueller, who has said that he expects the cyberthreat to surpass the threat of terrorism in the not-too-distant future.