Whitehouse Cyber Bill Entering Crucial Phase

Cybersecurity has been building steam in Congress for some time now. And this was supposed to be the year that a bill would pass.

But Senator John McCain has led a GOP revolt against his friend Senator Joe Lieberman's bill, arguing that it would be too onerous on industry.

Enter Senator Sheldon Whitehouse, who has joined with Republican Senator Jon Kyl in attempting to fashion a compromise. And it hasn't been easy. An initial framework for the measure got poor marks from the US Chamber of Commerce and other industry groups.

As The Hill reports, a revision is expected in the coming days. This could be an important moment:

The framework aims to find a middle ground on a contentious measure in Sen. Joe Lieberman’s (I-Conn.) cybersecurity bill that would require companies that operate critical infrastructure to meet a set of security standards developed in part by the Homeland Security Department.  A group of Senate Republicans and the Chamber have argued that this measure would redirect the private sector’s focus from improving the security of its networks and systems to complying with new security rules.

“Everyone is anticipating the emergence of some type of a bipartisan compromise to break the current stalemate,” said Jessica Herrera-Flanigan, a partner at lobbying firm Monument Policy Group. “As such, every potential proposal is being looked at closely.”

The updated version of the framework does not include legislative language and is expected to be shared with the Chamber early next week, according to a Senate staffer.

In the meantime, Kyl and Whitehouse’s offices have been keeping the proposal closely under wraps. Spokesmen for Whitehouse and Kyl did not respond to requests for comment about the framework.

The White House has also made it clear that it wants security standards for critical infrastructure to be a part of any cybersecurity legislation that comes out of Congress.

This spring the White House issued a veto threat against a House cybersecurity bill, the Cyber Intelligence Sharing and Protection Act, that lacked critical infrastructure provisions and focused on improving information sharing about cyberthreats instead. Keith Alexander, the head of U.S. Cyber Command, and Homeland Security Secretary Janet Napolitano have also argued that critical infrastructure operators should be required to meet some sort of security standards when testifying on the Hill this year.

The Senate has been gridlocked on this question of how to better protect critical infrastructure since Lieberman’s bill was introduced in February.  A group of Senate Republicans led by Sen. John McCain (R-Ariz.) are sponsoring a rival cybersecurity measure that does not include security mandates for critical infrastructure operators and focuses on improving information sharing about cyberthreats between government and industry instead.  

Lieberman has said he expects Senate Majority Leader Harry Reid (D-Nev.) to take up his bill after the July recess. Reid has not given a timeframe on when the cybersecurity bill will see floor action but said he wants to tackle the issue this year.

If Whitehouse and Kyl manage to get a compromise bill through, it will be a significant achievement; you can bet that pols on both sides of the aisle will be talking about "a step in the right direction."

But whatever they produce is bound to face criticism. Anything weaker than the Lieberman bill will be considered inadequate by many in the cybersecurity field.

And Internet freedom advocates are wary of cybersecurity legislation for their own reasons, concerned that the private sector will be passing too much sensitive user information to the government.


| More

 Friends' Activity   Popular 
All Blogs
Follow the Phoenix
  • newsletter
  • twitter
  • facebook
  • youtube
  • rss
Latest Comments
Search Blogs
Not For Nothing Archives