Partisan Showdown over Cybersecurity Bill

Squabbling over Private-Sector Regulation

By , February 17, 2012.
Partisan Showdown over Cybersecurity Bill

Sens. Joseph Lieberman and John McCain, often legislative allies, sparred over provisions of a major cybersecurity bill that McCain contends unduly burdens business with regulations and that Democratic leaders want to rush to enact.

Partisan differences also surfaced Feb.16 at the Senate hearing as Homeland Security Secretary Janet Napolitano, a Democrat, disagreed with one of her predecessors, Republican Tom Ridge, over provisions that would require private businesses operating the nation's critical information infrastructure to meet certain IT security standards.

See Also: Security Alerts: Identifying Noise vs. Signals

Cybersecurity, for the most part, has been a bipartisan issue in Congress over the past decade, and even with divisions surfacing at the Senate Homeland Security and Governmental Affairs Committee hearing, the legislation under consideration bill - the Cybersecurity Act of 2012 - is a bipartisan bill; one of its chief sponsors and biggest defenders is Susan Collins, the Maine Republican who serves as the panel's ranking member [see Senators Unveil Major Cybersecurity Bill].

McCain, an Arizona Republican, voiced annoyance with the move by Democratic Leader Harry Reid to bring the bill to the Senate floor without the normal committee markup session, when members can offer amendments to alter the bill before the full chamber considers it.

"My friends, that's wrong," McCain said. "To suggest that this bill should move directly to the Senate because, quote. it's been around since 2009 is outrageous. First, the bill was introduced two days ago. And, where in the Senate rules does it state that a bill introduced in a previous Congress could supplant the necessary work on that bill in the present one? To treat the last Congress as a legislative mulligan by bypassing the committee process and bringing the legislation directly to the floor is not an appropriate way to begin consideration of an issue that's complicated as cybersecurity."

DHS's Role

But at the heart of McCain's objections to the bill were provisions that would have the Department of Homeland Security enforce standards the owners of the critical infrastructure determined should be applied to safeguard their network vital to the nation's security. McCain also said the bill's sponsors failed to adequately consider having the National Security Agency, part of the Defense Department, take the lead to ensure the security of the nation's critical infrastructure, rather than DHS, which he contends has less expertise.

He also questioned why the bill would exempt computer hardware and software makers from some of the standards other industries would need to comply with. "What specific factors went into providing regulatory carve-outs for hardware and software manufacturers?" he asked. "My suspicion is this has more to do with garnering political support and legislative bullying and not sound policy considerations."

McCain said he and six other ranking Republican members of Senate committees with IT security oversight would introduce after Presidents' Day a version of the cybersecurity bill that the GOP lawmakers contend would be less intrusive on business.

Lieberman, the 2000 Democratic vice presidential nominee who bucked his party by endorsing McCain for president in 2008, expressed regret over his colleague comments. "I cannot conceal the fact that I'm disappointed by your statement," said the Independent Democrat from Connecticut, who caucuses with the Democratic majority. Lieberman said the bill reflects an earlier version the committee had marked up. Plus, he said, the bill's sponsors reached out to all senators for their ideas on how the legislation should be shaped. "We pleaded for involvement and a lot of people, including yourself, have not come to the table," Lieberman said to McCain. He said Reid indicated senators could offer amendments to the Cybersecurity Act when it comes up for consideration on the Senate floor.

Agreeing to Disagree

The disagreement between Napolitano and Ridge over how much regulation the bill would impose on business was not contentious, and not just because they testified at different times. The discourse between these witnesses and committee members was congenial.

Follow Eric Chabrow on Twitter: @GovInfoSecurity

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Update: Top 5 Health Data Breaches

News that health insurer Anthem Inc. suffered a massive breach after hackers gained access to a...

Latest Tweets and Mentions

ARTICLE Update: Top 5 Health Data Breaches

News that health insurer Anthem Inc. suffered a massive breach after hackers gained access to a...

The ISMG Network