Will congressional infighting stall cybersecurity laws?

Squabbling on Capitol Hill isn’t anything new, but cyber threats spanning sectors and disciplines are growing and time is running out for the current Congress to pass laws to address the critical need, according to a panel of Hill staffers and cybersecurity experts.

Several federal agencies, including the White House, Homeland Security and the Defense and Energy departments, have put forth their own cyber policies and reviews, but now, investment in more than rhetoric is becoming acutely necessary.

“There’s been an awful lot of initiatives, publications, policies and road maps, but now we need to really stop talking about the problem and writing about the problem and start solving the problem. That’s going to require real money and addressing the laws and impediments,” said Melissa Hathaway, president of Hathaway Global Strategies and a former top cybersecurity official under Presidents George Bush and Barack Obama. Hathaway spoke as part of a panel at a cybersecurity symposium held on Oct. 6 in College Park, Md., by the University of Maryland University College.

“Right now the ball is in the court of Capitol Hill. The 112th Congress has introduced 32 pieces of legislation. We’re really going to need to address the shortfalls in legislation and the shortfalls in funding the programs that are going to be the way we get to where the rubber meets the road,” Hathaway said.

Sen. Ben Cardin (D-Md.) expressed confidence that cybersecurity legislation will pass this year. But for Congress to actually address the issues in the form of lawmaking, it will require a move away from the infighting that has marred Capitol Hill operations of late. And time is running out as the year draws to a close.

“There is broad consensus across political lines, across committee lines. There is a general agreement of key things that need to be done. We’re fighting over how to do it. If you look at politics today, we cannot agree on anything. You could have a resolution to praise baseball and motherhood and someone would object to it,” said Jeff Greene, senior counsel on the majority staff of the Senate Homeland Security and Governmental Affairs Committee.

But Greene stressed that the cause isn’t doomed just yet.

“There is consistent agreement among the people spending a lot of time looking at these [cybersecurity] issues on a, that something needs to be done and b, on the basic things we need to do. That gives me hope. What makes me nervous is that we’re running down the clock. The next 30 to 45 days will be key to whether we pass anything this year,” he said.

At least some of the onus is on the public to call on Congress, the panelists indicated.

“Despite the well-publicized breaches of companies like RSA, Sony and Google – which I thought would have had a galvanizing on the public to insist upon passing comprehensive reform – we still have yet to pass comprehensive legislation,” said John Maguire, professional staff member and liaison to Sen. Olympia Snowe (R-Maine) at the Senate Select Committee on Intelligence.

Hathaway agreed that it is a topic that warrants much more attention in homes and offices across the country.

“I’d say that the awareness right now is still in the formulating stages, just the beginning. Cybersecurity is not yet a national conversation at everybody’s dinner table and everybody’s water cooler. There’s a long way to go as far as raising national awareness,” Hathaway said.