Senate Introduces Cybersecurity Bill that Prioritizes Information Sharing

2013-01-24T19:36:15
ID THREATPOST:450C63D4B14BEB3D9F9206CA2EC14503
Type threatpost
Reporter Brian Donohue
Modified 2013-05-13T18:38:24

Description

The United States Senate says it will prioritize the passage of a comprehensive cybersecurity bill designed to fortify the nation’s public and private IT systems in this session of Congress.

Senators John D. Rockefeller IV (D-WV), Chairman of the Senate Commerce, Science, and Transportation Committee, Tom Carper (D-DE), Chairman of the Senate Homeland Security and Governmental Affairs Committee, and Dianne Feinstein (D-CA), Chairman of the Senate Select Committee on Intelligence, made public yesterday an introduction to S.21, “The Cybersecurity and American Cyber Competitiveness Act of 2013.”

Rockefeller, Carper and Feinstein’s announcement reflects an uncomfortable reality: private and public networks and critical infrastructure systems in the U.S. are often ill-equipped to defend against complicated and pervasive attacks perpetrated by criminals, hostile states, and any number of other well-funded and capable actors.

For years, computer security and national defense experts have warned that inadequate security measures on government and private sector networks, critical infrastructure, telecommunications and many other systems represented perhaps the most potent national security and economic risk facing the nation.

The central aim of the yet-to-be-written bill will be “to secure the United States against cyber-attack, to improve communication and collaboration between the private sector and the Federal Government, to enhance American competitiveness and create jobs in the information technology industry, and to protect the identities and sensitive information of American citizens and businesses,” the introduction said.

Technology and other industry leaders have endlessly urged the government to implement something that would encourage and enable the sharing of information between the private sector and the Federal Government. It appears that this coming bill will at long last attempt to do just that.

Specifically, the bill has a handful of related objectives. They include enhancing the security and resilience of communications and infrastructure networks to better combat attacks launched by nations, terrorists, and cyber criminals; establishing mechanisms that will make it easier for the government and private sector to share cyber threat and vulnerability information; developing a clear public-private system of assessing, detecting, and responding to attacks; promoting research, development, and IT training to maintain competitive and well-paying cybersecurity jobs at home for this and future generations; preventing identity theft and data breaches; improving international cybersecurity communication and information sharing; and expanding the country’s capacity to investigate and prosecute online crimes without violating personal privacy rights and civil liberties or stunting U.S. innovation.

Other sponsors of S.21 include Carl Levin (D-MI), Barbara Mikulski (D-MD), Sheldon Whitehouse (D-RI), and Chris Coons (D-DE).

The bill has been referred to committee where it will be written before coming back to the Senate floor for a vote sometime later in the session.

The US legislature has taken a crack at writing a comprehensive cybersecurity bill more than a few times over the past couple of years. In each case, the Houses eventually failed in face of public scrutiny after writing deeply flawed bills that the Electronic Frontier Foundation once described as ranging from “downright terrible” to “appropriately intentioned.

*John Rockefeller image via SenRockefeller‘s Flickr photostream, Creative Commons.