Cybersecurity bill passes first hurdle
Senate Commerce Committee approves closely watched Cybersecurity Act
Computerworld - A closely watched bill that promises to introduce some major changes on the federal cybersecurity front was approved by the Senate Commerce Committee today just days after it was introduced by Senators Jay Rockefeller (D-W.Va.) and Olympia Snowe (R-Maine).
The proposed legislation is called the Cybersecurity Act (S.773) and is a revised version of a bill that was originally introduced by the two Senators last year.
It seeks to improve national cybersecurity preparedness by fostering a closer collaboration between the government and private sector companies, which own a vast portion of the country's critical infrastructure.
The bill would require the President to work with owners of critical infrastructure systems to identify and properly classify IT systems whose disruption would threaten strategic national interests.
It would also require federal agencies that are involved in cybersecurity, to share information with private sector operators of critical infrastructure networks.
The bill contains several provisions designed to encourage the growth of a trained and certified cybersecurity workforce, promote public awareness of cybersecurity issues and to foster and fund research leading to the development of new security technologies.
If passed, the bill would require agency heads to provide information on their cybersecurity workforce plans including recruitment, hiring and training details.
But s controversial provision in the original bill that would have given the president near complete authority to disconnect private and government networks from the Internet in the event of a cyber emergency has been removed in the new version of the bill.
Instead, the revised bill calls for the President to work with key executive in critical infrastructure industries to formulate an appropriate response in a cyber crisis.
The smooth passage of the bill through the Senate Commerce Committee is a sign of the broad bi-partisan support that the bill has garnered so far. Many see the legislation as vital to building the capabilities needed to respond to the array of cyber threats facing government, critical infrastructure and private industry these days.
In a statement, Mike Bregman, Symantec Corp.'s chief technology officer, lauded the passage of the bill out of committee. "The bill recognizes cybersecurity as a share, public/private collaboration, led by private sector innovation and based on market-driven incentives," Bregman said.
The bill comes amid heightened concern in Washington over the recent attacks against Google and dozens of other high-tech companies apparently by operatives based in China.
The attacks have prompted calls for the U.S. to develop a formal cybersecurity strategy that is focused on shoring up defenses while building out a cyber offensive capabilities.
The Rockerfeller-Snowe legislation is one of two major bills that have been proposed in Congress recently. The other bill is called the International Cybercrime Reporting and Cooperation Act, and is sponsored by Sens. Kirsten Gillibrand (D-NY) and Orrin Hatch (R-UT).
The bill, introduced in the Senate earlier this week, seeks to curtail aid, financial help and trade programs with countries that are seen as havens for cybercriminals. It has already garnered industry support from the likes of American Express, Mastercard, Visa , eBay, Facebook, Microsoft and Cisco, Gillibrand's office said.
Meanwhile, a separate proposal is being floated among lawmakers and the U.S. State Department for the creation of an ambassador-level position for negotiating cyber-security matters at the United Nations and for ensuring the country has a consistent international policy on the issue.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
- University of North Florida breach exposes data on 107,000 individuals
- Zeus Trojan bust reveals sophisticated 'money mules' operation in U.S.
- GAO slams White House for failing to lead on cybersecurity
- Man charged with attack on Web site of Fox News' Bill O'Reilly
- Heartland breach expenses pegged at $140M -- so far
- IT contractor gets five years for $2M credit union theft
- Democracy would suffer if Google left China, says MIT panel
- Gonzalez accomplice gets five years for hacking TJX
- Threat of cyberattacks from overseas high, federal IT execs say
- Botnets 'the Swiss Army knife of attack tools'
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts