Cybersecurity bill on list for passage this year

Capitol Hill staffers have made progress stitching together cybersecurity proposals into a huge bill, aides said, with Senate leadership putting it on their short list for passage this year.
  • Language
  • App
  • Subscriptions
  • Specials
  • Sign-In
  • Register
GeStepAhead master your money Realasset
moneycontrol.com

Home » News » World News

Sep 12, 2010, 02.33 PM | Source: Reuters

Cybersecurity bill on list for passage this year

Capitol Hill staffers have made progress stitching together cybersecurity proposals into a huge bill, aides said, with Senate leadership putting it on their short list for passage this year.

Like this story, share it with millions of investors on M3

Cybersecurity bill on list for passage this year

Capitol Hill staffers have made progress stitching together cybersecurity proposals into a huge bill, aides said, with Senate leadership putting it on their short list for passage this year.

Post Your Comments

Share Cancel

Cybersecurity bill on list for passage this year
Capitol Hill staffers have made progress stitching together cybersecurity proposals into a huge bill, aides said, with Senate leadership putting it on their short list for passage this year.

But stiff industry opposition and partisan tensions still make it unlikely comprehensive legislation will pass in 2010.

The legislation would require companies who sell the government USD 80 billion in hardware and software each year to bake in a certain level of security -- a potentially expensive prospect.

Senate Majority Harry Reid has put the measure on his list of top-priority bills to get through the Senate this year, the sources said.

The bill is a priority because leaps in technology have increased industrial productivity, but also left businesses and the US government vulnerable to foreign spies, such as the 2008 breach of US military computers using a single compromised thumb drive and identity thieves who have stolen untold numbers of consumer credit card numbers.

Previous congressional efforts to address these threats have run into roadblocks from high tech and telecommunications companies. They staunchly oppose any mandates -- such as certification of cybersecurity professionals or requiring portions of the network to be shut down to mitigate a threat.

"I don't think it's going to happen," Marcus Sachs, a cyber policy expert with Verizon Communications Inc, told Reuters, about the prospects for legislation this year.

The bill is based largely on a measure that Senators Joseph Lieberman, Susan Collins and Thomas Carper wrote and a second drawn up by Senators John Rockefeller and Olympia Snowe.

The 200-plus page draft, which has not yet been released, is largely completed, although sticking points remain, according to a Senate aide familiar with the bill.

"There's now a single unified bill. It is on Reid's short list," said a second Senate aide.

The goal would be to get the bill to the White House before the end of the year.

But, warned a third congressional source: "It's a difficult environment to move any legislation."

DON'T SLOW US DOWN!

Among the lingering questions is how much government can intervene into the private sector if there is an imminent cybersecurity concern.

In the working draft, critical infrastructure such as financial networks, electrical providers and the petroleum industry would be alerted if the federal government learns of a threat and told how best to protect themselves. For example, they may be told to block all Internet traffic from China or Romania.

But companies have expressed fear there could be delays in responding if the government was involved tackling a threat.

"Attacks happen in milliseconds," said Sachs. "If you (the government) want to get involved, don't slow us down."

There are also compromises in the draft bill.

For example, tech companies had opposed requiring certification for cybersecurity professionals, which was in an earlier cybersecurity bill and the current draft language recommends studying how best to require certification in the future.

"It is difficult at this time to require any type of certification," said the first Senate aide.

In addition, the Department of Homeland Security would have an even bigger role in cybersecurity.

"DHS will get expanded authorities. I think that's clear," said James Lewis, a cybersecurity expert with think tank Center for Strategic and International Studies.

The bill could come up in the next four weeks, or it could be much later, aides said.

"I know that Sen. Reid's office has been extremely engaged on it," said the first Senate aide. "Everybody would like to see this done yesterday."

Ads by Google

Buy, Hold, Sell ? Hear it first on M3
Cybersecurity bill on list for passage this year

See all

Get started using your favorite social network

or

Login using moneycontrol ID

Username
Password

Need help logging in? Reset password.

Don´t have an account? Sign Up

Get started using your favorite social network

or

Simply sign up using this short form

* mandatory

UserName*

Username should be atleast 4 character

Password*

Password should be 8 or more characters,
atleast 1 number, 1 symbol & 1 upper case letter

Alert

Your Password should contain
  • 8 or more characters
  • At least 1 number
  • At least 1 symbol
  • At least 1 upper case letter
Confirm Password*
Email
Already have an account? Login