recommended reading

NSA Chief Appeals for Cybersecurity Legislation

Charles Dharapak/AP

The head of U.S. Cyber Command on Wednesday argued cyberattacks on U.S. networks will increase if Congress does not pass cybersecurity legislation that would compel critical-infrastructure providers -- including nuclear-power plants -- to share more information with the government when they are hacked, the Washington Post reported.

Gen. Keith Alexander, who also directs the National Security Agency, implored attendees at a Washington conference to think of potential cyber attacks on Wall Street computing networks.

“What we can tell you is how they went down and how bad they were, but if we can’t work with industry, if we can’t share information with them, we can’t stop it,” the Post quoted him as saying at the Billington Cybersecurity Summit.

The four-star Army general noted how terrorists are becoming more adept at cyber attacks, according to Politico.

“Over 950 people were killed in Kenya, Syria, Iraq, Yemen and Afghanistan,” Alexander said, referring to violence in those countries, “and we’re discussing more esoteric things here. Why? Because we’ve stopped the terrorist attacks here.”

His comments came a day after a senior Senate Democrat said she has drafted legislation in her chamber that would be akin to the Cyber Intelligence Sharing and Protection Act, which the Republican-led House passed in April.

Senate Intelligence Committee Chairwoman Dianne Feinstein (D-Calif.) said she plans to try to advance her draft bill, according to the Hill newspaper’s technology blog.

The House-passed CISPA is intended make it easier for critical-infrastructure providers to legally share more cyber-threat data with each other and with the government, and also to encourage them to collaborate as such. The bill has been viewed by industry as a less-onerous alternative to thwarted Senate cybersecurity legislation crafted last year by former Senator Joseph Lieberman (I-Conn.) and current Senator Susan Collins (R-Maine), which the U.S. Chamber of Commerce charged would lead to excessive regulation.

How Feinstein’s potential CISPA-like bill would fare in the Senate and with President Obama remains to be seen. The White House said Obama could veto the House version of the bill, which it argued it would not significantly protect citizens’ data privacy.

Alexander made his Wednesday appeal for passing a cybersecurity measure while such legislation does not appear to be advancing in Congress. Lawmakers and cybersecurity advocates said the chance of movement has decreased even more since former NSA contractor Edward Snowden leaked intelligence documents to the media detailing the agency’s widespread surveillance activities. Some in Congress are more focused now on limiting NSA’s surveillance powers.

Alexander appealed at the Washington confab for industry to “work with us on cyber legislation.”

Threatwatch Alert

Network intrusion / Spear-phishing

Researchers: Bank-Targeting Malware Sales Rise in Dark Web Markets

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download

When you download a report, your information may be shared with the underwriters of that document.