Rockefeller: Congress Failing on Cybersecurity
Lawmakers Don't Take Threats as Seriously as They ShouldAt a hearing Tuesday on transportation security challenges before the Senate Commerce, Science and Transportation Committee - which he chairs - Rockefeller pointed out that Presidents Bush's and Obama's national intelligence directors have characterized cybersecurity as the greatest threat to national security. "We hear that, it goes right through our head, we don't do that much about it," Rockefeller told Napolitano, the hearing's only witness.
Fifty federal agencies and 20 congressional committees and subcommittees claim jurisdiction over aspects of federal cybersecurity policy, the West Virginia Democrat said. "It's a mess," he said. "But it's a mess which stands as our major national security threat. To date, Congress has not spent as much time on cybersecurity as transportation security, and that has to change. That's our fault."
A case in point of the overlap of jurisdiction: the committee Rockefeller chairs. The Commerce, Science and Transportation Committee oversees the interrelationship between government and the business community, which controls about 85 percent of the nation's critical IT infrastructure. Another committee - the Senate Homeland Security and Governmental Affairs, chaired by Sen. Joseph Lieberman, ID-Conn. - provides oversight on and drafts legislation regarding securing the federal government's IT systems as well as safeguarding the homeland from digital internal and external threats.
Rockefeller also said the cybersecurity coordinator proposed by Obama should be positioned higher up within the White House hierarchy than Obama recommended, adding that having that adviser report through the National Security Council and National Economic Council diminishes the importance of cybersecurity.
"You all had a big conference and you decided that you'd get somebody who would report - to be responsible for cybersecurity, but report to the National Security Council and to the National Economic Council, to which I say goodbye focus on cybersecurity," Rockefeller told Napolitano. "I mean, I've been through that trip before. I've seen what happens. It just - you know, by the time the Pentagon takes their chunk, you know, it won't work."
The White House information security adviser has been characterized as cybersecurity czar, which has brought criticisms from some, led by Sen. Susan Collins, R.-Maine, that too many senior administration positions are being created without requiring Senate confirmation and oversight. Rockefeller suggested those misgivings, at least concerning cybersecurity, are misplaced. "Now, there's that part of this - 'Oh, there's another czar,' to which I would say, 'Well, if that's another czar, then that's the one you want to have,' because that's the No. 1 national-security threat to our country, and will remain so."
The chairman referenced cybersecurity legislation he's drafting with Sen. Olympia Snowe, R.-Maine, that includes a provision to establish a White House cybersecurity official who would report directly to the president, and asked Napolitano to work with them on that.
Napolitano told Rockefeller she'd be happy to work with him on the legislation, but did not address the matter of the cybersecurity adviser.