Senate bill aims at cybersecurity standards

A new Senate bill would allow the Department of Homeland Security to set and enforce computer security standards for companies that own or operate critical systems like mobile networks, power grids and telephone/cable systems deemed to be at risk of cyber-attack.

“This bill would begin to arm us for battle in a war - that is being waged against us by our nation’s enemies, organized criminal gangs and terrorists who would use the Internet against us,” said Sen. Joseph I. Lieberman, Connecticut independent and chairman of the Senate Homeland Security and Governmental Affairs Committee.

Mr. Lieberman introduced the bill Tuesday.

In recent years, there has been growing concern over the ability of hackers, cyber-spies and malicious software to penetrate computer networks that control vital infrastructure systems.

Mr. Lieberman’s bill - “The Cybersecurity Act of 2012” (SB-2105) - would consolidate all of Homeland Security’s cybersecurity functions into a single national center, which would be headed by a cybersecurity director who would be confirmed by the Senate.

The legislation is co-sponsored by Sens. Jay Rockefeller, West Virginia Democrat; Diane Feinstein, California Democrat; and Susan M. Collins of Maine, ranking Republican on the Senate Homeland Security Committee, which will consider the measure at a hearing Thursday.

Senate Majority Leader Harry Reid, Nevada Democrat, has said he wants to bring the bill to the floor for a vote as soon as possible.

Some industry groups and privacy advocates are worried by provisions in the Lieberman bill and other cybersecurity legislation.

Industry lobbies such as the Chamber of Commerce have argued that allowing Homeland Security, rather than existing industry regulators, to set and enforce standards will add to the regulatory burden on utilities and other vital sectors.

Privacy advocates are concerned by information-sharing proposals aimed at giving government agencies greater visibility into private networks to monitor them for intrusions.

“Since we are talking about privately owned and operated networks that carry personal communications, any sharing of information must be carefully controlled,” Gregory Nojeim, an attorney with the Center for Democracy and Technology, said at a Capitol Hill briefing last week.

There is at least one other Senate bill circulating, and several are being considered by various House committees.

Observers say that, despite wide agreement on the need for legislation, there is no guarantee that a bitterly divided Congress will be able to pass a bill.

“Those who do not approve of certain sections should come to the table with alternative ideas instead of simply saying ‘no,’ ” said Jessica Herrera-Flanigan, a fellow for cybersecurity at the Center for National Policy think tank in Washington.

© Copyright 2014 The Washington Times, LLC. Click here for reprint permission.

Comments
blog comments powered by Disqus
TWT Video Picks