Republican senators introduce their own cybersecurity bill
The SECURE IT Act won't create new regulations for U.S. businesses, its sponsors say
IDG News Service - Seven senior Republican U.S. senators have introduced cybersecurity legislation after saying that an earlier bill would create costly regulations for businesses.
The sponsors of the new Strengthening and Enhancing Cybersecurity by Using Research, Education, Information, and Technology (SECURE IT) Act also complained that they did not have enough input on the earlier legislation.
The Republican senators, including John McCain of Arizona, Kay Bailey Hutchison of Texas and Chuck Grassley of Iowa, introduced the SECURE IT Act on Thursday. They touted the bill as a less regulatory alternative to the Cybersecurity Act, a bill introduced by two Democrats, an independent and a Republican in February.
"The SECURE IT Act strengthens America's cybersecurity by promoting collaboration and information-sharing, updating our criminal laws to account for the growing cyber threat and enhancing research programs to protect our critical networks," McCain said in a statement. "This legislation will help us begin to meet the very real threat of cyber attack."
The Cybersecurity Act would allow the secretary of the U.S. Department of Homeland Security to designate some private networks as critical infrastructure and require them to submit security plans to the agency. But the SECURE IT Act has no such regulations, instead focusing on encouraging private companies and the federal government to share more information about cyberthreats, sponsors said.
The new bill would give legal protections to private groups that share information about cyberthreats. The older bill also includes some information-sharing provisions, but critics have said legal protections would cover only businesses that share information with the U.S. government.
The new bill would also increase the prison terms for many cybercrimes, with the prison sentence for knowingly accessing a computer without authorization and obtaining national defense information increased from 10 to 20 years. The penalty for intentionally accessing a federal computer without authorization or a computer containing financial records would increase from one to three years, or from five to 10 years if the offense was committed for purposes of private financial gain.
The Cybersecurity Act does not change criminal penalties.
"Our bill represents a new way forward in protecting the American people and the country's cyber infrastructure from attack," Grassley said in a statement. "It's a bill that can be supported by all partners that have an interest in cybersecurity. Instead of the heavy hand of the government, our approach promotes information sharing and keeps the taxpayers' wallets close."
Some groups had expressed concern that the new bill would allow the U.S. National Security Agency to monitor U.S. networks in the name of cybersecurity. The SECURE IT Act does not expand the NSA's role, however.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Firewall Buyers Guide Operate as the core of your network security infrastructure
- Getting Started With a Zero Trust Approach to Network Security The Traditional Approach to Network Security is Failing. View Now>>
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts