Senators compete for vision of cybersecurity
By Suzanne Kelly
Republican senators are proposing cybersecurity legislation calling for a series of government incentives to make sure that companies comply with security issues.
The bill is meant to counter separate proposed legislation that seeks to designate the Department of Homeland Security as the lead agency for securing the nation's cybersphere infrastructure.
The Republicans have dubbed their bill the SECURE IT Act, or the Strengthening and Enhancing Cybersecurity by Using Research, Education, Information and Technology Act.
"As our nation faces increasing cyberattack in a critical economic environment, we must ensure that the private sector has the authority it needs to defend its own networks and share cyberthreat information to prevent future attacks," said Sen. Saxby Chambliss, R-Georgia, who was one of eight senators introducing the legislation Thursday.
"Now is not the time for Congress to be adding more government, more regulation, and more debt - especially when it is far from clear that any of it will enhance our security," he said.
The act is the Republican answer to a bill introduced by the Senate Homeland Security and Government Affairs committee last month. The Lieberman-Collins bill designates the Department of Homeland Security as the lead government agency to tackle cybersecurity issues, with a particular emphasis on requiring businesses that operate critical infrastructure, such as air traffic control and electrical grids, to prove to the government that they have adequate cybersecurity measures in place to protect them against computer-based attack.
Republican Sen. John McCain scoffed at the legislation when it was introduced and joined Chambliss and the other Republican senators to introduce their version of the bill, which does not designate a lead agency to coordinate the government's efforts to secure cyberspace.
Instead, the act relies on a series of government incentives to make sure that companies comply with security issues.
Leaders of the Senate Homeland Security Committee fought back by urging prompt consideration of the Lieberman-Collins bill - the Cybersecurity Act of 2012, which was introduced in mid-February - reiterating the threat that currently exists.
In an earlier hearing, Sen. Jay Rockefeller, D-West Virginia, used the example of an attack on the air traffic control system to lay out a worst-case scenario for a cyberattack.
"Cyberhackers can take that out," he said. "So the planes are literally flying in the dark and they will fly into each other and kill a lot of people."
Under the Lieberman-Collins bill, the Department of Homeland Security would be responsible for making sure that companies controlling critical infrastructure implement proper safeguards.
Critics who thought the bill didn't go far enough complained that the "self-reporting" was a weak point, but critics like McCain who are proposing even less government involvement argue that it would be a mistake to seat a new cybersecurity department within what he referred to as the "regulatory leviathan at DHS."
The critical need to come up with some kind of plan has been emphasized by officials such as FBI Director Robert Mueller, who has said that he expects the cyberthreat to surpass the threat of terrorism in the not-too-distant future.
@natlsecuritycnn on Twitter
Obama like nixon ,carter and our lovely gay pride clinton is doing what our lovely uk queen wants him to do and yes romney is coming . PRESIDENT ROMNEY
M - from what I can tell, you're the one who's gotta be kidding. No offense, but the kind of cyber threats this article is talking about doesn't give a good crap about private citizen's PCs being unprotected. It's critical infrastructure. And having a single authority coordinating the response is much preferred over a patchwork, fragmented response.
If this nation was attacked by the Canadian army, you would expect the government in the form of the military to defend the country. Why would you think that a cyberattack is any different?
Are you kidding me? The biggest threat to computer security are all the infected PC's out there, including within many government offices. If people won't even take the easy steps to clean those up, do you think that some stupid government cybersecurity initiative is going to do any good? All this is is a power grab by the feds.
If you want to actually do something about security, make sure you have a current antivirus program on your computer. You don't even have to pay money for one, as there are several free ones, including Microsoft Security Essentials, AVG, Avast, and Avira. If people would take that one simple step, it would go much further than either of these bills would do.
yeap'-–'guys
Sen. Chambliss and the likes do not understand cyber security. The next terrorist attack may be in cyber space. That is what happens when the GOP scoff at higher education.
Best guess is that the Repubs have relatives and croonies who would make the money if Homeland Security is not leading the cybersecurity effort.
They probably are in the pocket of some private company already.
Banks were allowed to pick the person who regulated them prior to the economic crash.
The banks choose someone who would look the other way.
When things crashed, the banks demanded Americans bail them out or they would shut down business.
Will America choose to self regulation? This is exactly what has been going on and the result is every American is vulnerable. When self regulation fails (which it inevitably will when someone decides they can make billions hacking), will the same people who voted for self regulation turn their back on 300 million Americans?
Mueller needs to retire. Cyber threats are a form of terrorism.