Last updated: April 4, 2012 - 10:00pm
Legislation sponsored by Sens. Joe Lieberman (I-CT), Susan Collins (R-Maine), and others, would require owners and operators of critical infrastructure assets to notify the Department of Homeland Security of any and all cyber intrusions into their operating systems. Currently, such reporting is strictly voluntary, and security experts say only a fraction of the incidents come to the government's attention.
The Lieberman-Collins initiative would also establish baseline cybersecurity standards that all companies in an industrial sector would be required to meet. The legislation, however, has run into stiff opposition from private firms, the Chamber of Commerce and from members of Congress who view it as heavy-handed. "Unelected bureaucrats at the [Department of Homeland Security] could promulgate prescriptive regulations on American businesses," charges Sen. John McCain (R-AZ), the co-author of an alternative cybersecurity bill that favors voluntary information sharing between the government and private industry. Advocates of mandatory cybersecurity standards, however, say the owners and operators of critical assets have consistently underestimated their vulnerability to cyberattacks and therefore are unlikely on their own to take the steps necessary to bolster their own defenses, particularly if they cost money.
The wrangling over cybersecurity, however, is not strictly partisan. Among the advocates of tough, compulsory measures are several former Bush administration officials, including Michael Chertoff, a former secretary of Homeland Security, and Michael McConnell, a former director of National Intelligence, as well as FBI Director Robert Mueller, who has served under both Presidents Obama and Bush. McConnell is especially dismissive of the argument that the mandatory cybersecurity measures being proposed would be anti-business.
- Talks heat up behind cybersecurity law
- How to make Internet more secure?
- Senators Urge New Powers for President to Respond to Cyber Attacks
- Senate in search of consensus on data breaches
- New Cybersecurity Bill Unveiled
- S 413 The Cybersecurity and Internet Freedom Act
- Sen Lieberman: Cybersecurity Bill Without Enforceable Standards 'Doesn't Get Job Done'
- Latest Cybersecurity Bill Prohibits Internet 'Kill Switch'
- Bill Would Have Businesses Foot Cost Of Cyberwar
- White House pans GOP cybersecurity bill
- Sen Collins questions White House control over cybersecurity
- Senate votes down Cybersecurity Act a second time
- Revised cybersecurity bill introduced
- Civil liberties groups urge rejection of White House-supported cyber bill
- Sen Collins says DHS should lead cybersecurity, not White House