recommended reading

Reid presses senators on cybersecurity

Senate Majority Leader Harry Reid, D-Nev., has urged key senators to reach an agreement quickly on a comprehensive cybersecurity bill that he could take to the floor as early as September, according to some congressional aides.

Reid met privately Wednesday with the leaders of Senate panels with jurisdiction over cybersecurity, including Homeland Security and Governmental Affairs Chairman Joe Lieberman, I-Conn., Commerce Chairman John (Jay) Rockefeller, D-W.Va. and Intelligence Chairwoman Dianne Feinstein, D-Calif.

The message from the meeting was to meld competing cybersecurity bills together by September, if not earlier, two congressional aides said. Reid's office would not confirm or deny the timeline, saying only that he conveyed to senators the urgency of reaching a consensus on a bill.

"Sen. Reid asked committee chairs to reach out to Republican members of their committees and work on a bipartisan basis as the bill moves forward," a Reid spokeswoman said. "He discussed the urgency of the legislation and impressed upon chairs that work needs to proceed quickly."

Officials from government and private companies have been warning for years that critical national information technology networks are under increasing electronic attacks and remain too vulnerable.

When asked what has prompted Reid's sense of urgency, his spokeswoman said he was briefed last year on a national intelligence estimate for cybersecurity and has had other conversations and meetings that convinced him of the need to act.

But it remains unclear what kind of bill will emerge in the coming weeks. Two major bills are now being circulated in the Senate, one by Lieberman and Homeland Security and Governmental Affairs ranking member Susan Collins, R-Maine, the other by Rockefeller and Sen. Olympia Snowe, R-Maine, a senior member of the Senate Commerce Committee.

"I am very encouraged about the prospects for cybersecurity legislation passing the Senate this year," Lieberman said in a statement. "The Majority Leader has given us our marching orders, and Senator Collins and I are working with other relevant committee chairs to harmonize our various proposals for a comprehensive bill that will significantly strengthen the security of public and private sector cyber networks."

A spokeswoman for Rockefeller confirmed he is working with Lieberman to forge a consensus bill. "Cybersecurity has been a priority for Chairman Rockefeller for many years and he is very encouraged that so many others have recently joined together on this enormously important effort," she said.

Meanwhile, the fiscal 2011 defense authorization bill contains cybersecurity provisions and is regarded as a must-pass bill, aides noted. Senators might just load up that bill with other cybersecurity measures.

As the Senate's focus on legislation intensified, the White House held a close-door meeting on cybersecurity Wednesday, which included a brief appearance by President Obama. Larry Clinton, president of the Internet Security Alliance, attended the session and said he was encouraged to hear Obama say that the administration does not want to place heavy-handed cybersecurity regulations on private companies.

Clinton added he is encouraged by many provisions in the Senate cybersecurity bills but fears that a bad bill might be cobbled together in a rush without fully taking into account the concerns of industry.

"The old saying is that government does two things well: nothing and overreact," Clinton said. "We're kind of moving out of the era where Congress has done nothing with cybersecurity, but it's now important that they not overreact."

Threatwatch Alert

Credential-stealing malware / User accounts compromised / Software vulnerability

Android Malware Infects More than 1M Phones, Adds 13,000 Devices a Day

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download
  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download

When you download a report, your information may be shared with the underwriters of that document.