This week, legislation to establish better security of public and private cyber infrastructure died in the U.S. Senate after businesses, through the U.S. Chamber of Commerce, fought the proposal, claiming the improvements were too expensive.
In a last ditch press conference effort by the Obama Administration, in which Security Magazine attended, John Brennan, assistant to the President for homeland security and counterterrorism, pleaded that the act should not be viewed as a partisan issue. By and large, it turned out, Senate Republicans killed any hope of passage this year. At the same press conference, General Keith Alexander, commander, U.S. Cyber Command, and director of the National Security Agency, warned that cyber threats are real and we need to act now.
The original goal of the bill was to let the government enforce minimum security standards for the computer systems that run power plants, air traffic control systems, dams and other critical infrastructure. The legislation was then amended to make government oversight entirely voluntary. Left in: the sharing of information between private companies and government agencies. But this also proved controversial with opponents either wanting to expand or limit the government’s powers of surveillance.
The Information Technology Industry Council (ITI), which has been engaged for many months in the bipartisan effort to forge Congressional cybersecurity legislation, expressed its disappointment that the Senate was unable to reach an agreement on a path forward for the Cybersecurity Act of 2012.
In a statement obtained by Security, Dean C. Garfield, ITI president and CEO, stated that the Senate has worked to shape bipartisan cybersecurity legislation that would help to protect the country from ever-evolving cyber dangers. The tech sector strongly backs efforts to develop a collaborative, innovative cybersecurity structure that can protect public safety, national security, and economic stability.
The Senate vote is a reminder that we have a long way still to go. We hope that, despite this setback, Senators will continue to work with stakeholders and reach agreement on a proposal that embraces security innovation as the best way to counter the threats we all know are out there. Any effort must recognize the critical importance of private-sector leadership for information and communications technology innovation, increased information sharing, and a risk-management approach.