No partisan fight over cybersecurity bill, GOP senator says
But Republican bill still the better option, says Kay Bailey Hutchison of Texas
Computerworld - A senior Republican senator on Thursday insisted there is no partisan dissent over the need for a strong national cybersecurity policy but added that a bill with Democratic backing that is stalled in the Senate is not the answer.
In a blog post in YourHoustonNews.com, Sen. Kay Bailey Hutchison (R-Texas) noted that cybersecurity is a matter of "vital national importance" to both parties.
"Experts have long cited cyber-terrorism as one of the potentially most dangerous threats to national security," Hutchison said while noting the potentially "devastating" consequences of attacks against U.S. power grids, financial institutions and other targets. "The question is not whether we act to prevent such attacks, the question is how we act," she said in the blog.
Hutchison said a White House-backed bill called the Cybersecurity Act, authored by Sens. Joseph Lieberman (I-Conn.) and Susan Collins (R-Maine), takes the wrong approach to addressing cyberthreats.
The bill calls for the creation of a national standard for securing critical cyber assets and would enable better sharing of threat-related information between private companies and government agencies. The proposed legislation is stalled in Congress over Republican concerns that it would give the U.S. Department of Homeland Security too much control over cybersecurity matters while forcing private companies to adopt government-prescribed standards.
Hutchison reiterated some of those concerns in her blog. The bill would provide "weak" legal liability protections for companies that want to cooperate with one another, and it would establish "pre-determined government mandates [that] would decide what cyber information should be shared by government," she said.
In contrast, the GOP-backed SECURE IT bill, which was authored by Hutchison, John McCain (R-Ariz.) and five other senators, is a better option, she argued. "The bill authorizes essential legal liability and antitrust protections for companies that want to work together to combat cyber threats," and requires government agencies to share relevant information with them, she said.
"The SECURE IT sponsors are concerned that the Lieberman-Collins bill would deter cooperation rather than encourage it. And we worry that it ignores cybersecurity's biggest challenge: constantly and rapidly evolving technological threats," Hutchison said.
The blog post comes two days after Hutchison and the other sponsors of the SECURE IT bill issued a joint statement expressing disappointment over the Senate's failure to pass bipartisan security legislation as the House had done earlier this year with the controversial CISPA bill, or Cyber Intelligence Sharing and Protection Act.
Before Congress adjourned for its August recess, lawmakers from both parties had shared a commitment to work toward a compromise bill that would gain bipartisan support in the Senate, the statement said. But that didn't happen, and a premature vote on the bill was forced in the Senate instead, the statement claimed. "When it returns next month, the Senate should address cybersecurity, but not in the 'take it or leave it' manner the Majority Leader pursued," before the recess.
The statement and Hutchison's blog post are unlikely to do anything to resolve the partisan divide in the Senate over cybersecurity legislation. The original Cybersecurity Act proposal has already been heavily revised to accommodate concerns but still remains unacceptable to Republicans, while SECURE IT so far has failed to gain much traction among Democratic lawmakers.
The White House has already indicated that it is considering the use of an executive order to protect critical networks if Congress fails to pass broadly acceptable cybersecurity legislation in a timely manner. The timing of such an action remains unclear.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His email address is firstname.lastname@example.org.
Read more about Cyberwarfare in Computerworld's Cyberwarfare Topic Center.
- SANS: Next-Generation Datacenters = Next-Generation Security This whitepaper takes a look at some new technology that may allow security teams to implement more flexible and capable protection models in...
- SANS: Protecting Virtual Endpoints with McAfee Server Security Suite Essentials SANS review of McAfees Server Security Suite Essentials that address some of the emerging challenges of securing virtual platforms and cloud environments.
- Safeguarding the Next-Generation Data Center Use of virtual and cloud servers has exploded. Unfortunately, security often lags behind. McAfee recommends looking at innovative solutions in order to erect...
- Aberdeen: Securing the Evolving Datacenter This report highlights ways security technologies and services are evolving to provide the visibility and control needed to deploy workloads flexibly in the...
- Is SQL Server AlwaysOn really as powerful? Tips and Tricks from the field With the introduction of AlwaysOn, Windows Clustering Services is now more critical than ever.
- What Does it Take to Deliver a Superior Customer Experience? The Two Top-Rated Online Retailers, B&H Photo and Crutchfield Electronics, Share Their Secrets Discuss practical CX tools and service methods such as contact center agents and the use of realtime speech analytics to help contact center... All Gov't Legislation/Regulation White Papers | Webcasts