recommended reading

Any cybersecurity bill is better than no bill, senate panel told

Thinkstock

A panel of security experts urged Congress on Wednesday to do something—anything—to combat cyberthreats to the United States.
 
The panel of witnesses before the Senate Homeland Security and Governmental Affairs Committee had specific recommendations, but with a nearly unified voice they all agreed that moving ahead with any current legislative proposals is better than doing nothing.
 
“If we don’t act now, I can assure you that whatever comes after something bad happens will be much more draconian and not as constructive as it could be,” Frank Cilluffo, director of George Washington University's Homeland Security Policy Institute, told the committee.
 
Senate Majority Leader Harry Reid, D-Nev., has said he wants to move forward with floor debate on the Cybersecurity Act of 2012 by the end of July.
 
The bill is championed by leaders of the Senate Intelligence, Commerce, and Homeland Security committees, including Homeland Security panel Chairman Joe Lieberman, ID-Conn. But the bill has been delayed for months because some Republicans don’t want the Homeland Security Department to have the authority to help set security standards for some private networks.
 
But former National Security Agency and Central Intelligence Agency Director Michael Hayden said all the proposals on the table, including standards, information sharing between businesses and government, and a potential increased role for U.S. intelligence agencies, should be enacted.
 
Any potential problems can be ironed out later, he said. “I’d do them all. And I would keep an open mind a adjust fire in a year or two.”
 
Earlier this week, the head of the U.S. Cyber Command, Gen. Keith Alexander, urged lawmakers in a speech to enact a bill before a catastrophic attack leads to an overreaction.
 
RAND Corp. terrorism analyst Brian Michael Jenkins said any bill won’t be 100 percent right. But, he said, “It’s important to get these things moving rather than finding the absolute perfect legislation."
 
That did not sit well with Senate Armed Services Committee ranking member John McCain, R-Ariz., who is a chief critic of Lieberman’s Cybersecurity Act and who has introduced competing cybersecurity legislation of his own.
 
Invoking the Hippocratic oath, McCain rebuked the witnesses for not acknowledging the potential harms he sees in giving government officials the authority to set security standards. “The first principle is do no harm,” McCain said. “The thing we don’t want to do is do something wrong.”
 
McCain and other Republican committee leaders are pushing their own bill, which mirrors many of the Cybersecurity Act’s proposals such as encouraging businesses and government to share cyberthreat information with each other, but leaves out any new authority to set standards.
 
Several compromise proposals are in the works that would soften some of the standards proposals.
 
But many of the proposals are still eliciting pushback from businesses, which don’t want new regulations, and civil liberties advocates, who fear information sharing could undermine privacy.
 
The latest United Technologies/National Journal Congressional Connection Poll found that despite expressing concern over cyberthreats, a majority of Americans don’t favor information sharing because of privacy concerns, and are opposed to government-set standards.
 
Homeland Security Committee ranking member Susan Collins, R-Maine, has held on as the lone GOP cosponsor of the Cybersecurity Act. She said the protection of critical networks such as those connected to electric grids and water-treatment plants can’t be left up to voluntary measures.
 
Waiting to act, Collins said, is risking a catastrophic cyberattack.
 
“I can think of no other area where the threat is greater and we’ve done less to counter it,” she said.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.