- Israel hits symbols of Hamas rule; scores killed
- Mississippi abortion law can’t be enforced
- Teacher who survived Sandy Hook has book deal
- Jury awards Jesse Ventura $1.8M in case vs. ‘American Sniper’ author Chris Kyle
- Government OKs Arab-owned company to operate U.S. cargo port
- Defense lawyer: McDonnell’s wife had ‘crush’ on CEO
- Chinese hackers stole ‘huge quantities’ of sensitive data on Israel’s Iron Dome
- House unveils bill to speed deportations of illegal immigrant children
- Californians protest middle school for hiring white man to teach cultural studies
- Killer’s sentencing overturned because mother couldn’t find seat in courtroom
Senators pushing business-backed cybersecurity bill
Avoids regulatory approach
Question of the Day
Senators put forward a bipartisan, business-backed measure Tuesday that aims to toughen the nation's cybersecurity by relying on voluntary compliance by banks, utilities and other companies.
Observers said the bill — the Cybersecurity Act of 2013 — has a good chance of becoming law because it avoids the regulatory approach opposed by the business lobby.
"They have stayed away from the most controversial areas," said David LeDuc, senior director for public policy at the Software and Information Industry Association.
The Senate Committee on Commerce, Science and Transportation approved the legislation Tuesday in a voice vote. Sens. John D. Rockefeller IV, West Virginia Democrat and committee chairman, and John Thune of South Dakota, the panel's senior Republican, wrote the bill.
The legislation excludes provisions that would allow companies to share real-time cybersecurity information with the federal government, principally the National Security Agency. Such information-sharing provisions have drawn opposition from privacy and civil liberties advocates after leaks about the NSA's data-gathering programs.
Former NSA chairman, retired Air Force Gen. Michael Hayden, said he doubts Congress will pass any information-sharing bill this year.
"Oh, that's all frozen, that's not going to happen," he said. "We've lost [the chance to pass a bill for] another year."
In April, the House passed an information-sharing measure — the Cyber Intelligence Sharing and Protection Act.
The bill was opposed by privacy advocates, who argued it would put the NSA, which operates under the Defense Department's jurisdiction, in charge of protecting the nation's civilian infrastructure and would facilitate broad Internet monitoring by the highly secretive agency.
The White House threatened a veto, citing privacy concerns.
Observers say the revelations by self-proclaimed NSA whistleblower Edward Snowden about the agency's vast database of telephone records of calls made in America had made the bill a political nonstarter.
"We will in perpetuity have one of the least-well-defended networks on the face of the planet, because of our political culture," said Gen. Hayden, referring to ever-increasing demands for openness and a distrust of secret government authorities.
"We haven't yet as a nation decided what we want the government to do and what we're going to let the government do on our own networks to defend us."
"What congressman is going to get up and say, 'What we really need here is to give the NSA some more running room'?" quipped Gen. Hayden, who also headed the CIA and was the second-in-command to John Negroponte, the first-ever director of national intelligence.
One of authors of the house bill, Rep. James R. Langevin, said he still believed there would be opportunities to move information-sharing legislation.
"We have to get there somehow," the Rhode Island Democrat said, adding that the sponsors had "bent over backwards" to accommodate the concerns of privacy advocates.
Jessica Herrera-Flannigan, a lobbyist working on the issue, said timing is everything.
"With the recent revelations [about the NSA] the chances for information-sharing legislation are more dubious at this point, at least until the surveillance issues are dealt with," she said.
Mr. LeDuc, from the software industry association, said the Commerce Committee bill builds on a cybersecurity executive order signed earlier this year by President Obama. The order put the National Institute for Standards and Technology, essentially the government's top technical experts, at the center of efforts to help the private sector develop a voluntary framework for cybersecurity.
If signed into law, the new Senate bill would codify the place of NIST and the involvement of industry stakeholders, but it would not spell out what the cybersecurity framework should look like.
"Your bill is narrowly tailored and industry-focused," wrote the U.S. Chamber of Commerce, which has strongly opposed a regulatory approach, in a letter to the bill’s authors Monday.
One source of opposition to both the regulatory and information-sharing provisions of previous bills was the role they envisaged for the Department of Homeland Security.
Critics pointed to the program DHS runs to ensure physical security at the nation’s chemical plants, which congressional testimony last year revealed had failed to hire staff or approve any security plans.
"DHS defending our networks? Uh-oh!" laughed Gary McGraw, a security engineer and chief technology officer for computer company Cigital, expressing widespread skepticism among industry executives about the capabilities of the troubled department.
"They are the ministry of silly walks," he said of DHS.
He said the government might be better at dealing with the aftermath of an attack and finding out who was responsible. "I call that 'Clean up on aisle four,'" he said. "But when it comes to building secure software and running secure systems," the private sector very much has the edge.
© Copyright 2014 The Washington Times, LLC. Click here for reprint permission.
About the Author
Shaun Waterman is an award-winning reporter for The Washington Times, covering foreign affairs, defense and cybersecurity. He was a senior editor and correspondent for United Press International for nearly a decade, and has covered the Department of Homeland Security since 2003. His reporting on the Sept. 11 Commission and the tortuous process by which some of its recommendations finally became ...
- Senator's memo shows Iran links in Homeland Security's troubled immigration program
- Help wanted: Homeland Security plagued by vacancies at the top
- Dems back bill to fix problems in investor visa program
- Democrats proceed with Mayorkas vote despite pending investigation
- NSA monitored 'World of Warcraft' players
Latest Blog Entries
TWT Video Picks
- Boehner rules out impeachment: 'Scam started by Democrats'
- Obama: 'Not a new Cold War,' but new Russia sanctions announced
- Obama thanks Muslims for 'building the very fabric of our nation'
- Federal judge grants 90-day stay in D.C. gun case
- Smugglers, rainstorm combine to poke holes in border fence
- PHILLIPS: Once-in-a-century stupidity
- Obama's brother wears Hamas scarf bearing anti-Israel slogans in photo
- HURT: Impeaching Obama is a losing strategy for the GOP
- Kerry's credibility questioned as fighting in Gaza rages
- D.C. seeks to stay judge's order allowing gun owners to carry in public
Obama's biggest White House 'fails'
Celebrities turned politicians
Athletes turned actors
20 gadgets that changed the world