The Public Eye with Eric Chabrow

Irony of Compromise

GOP, Dems Can Reach Agreement on Cybersec Bills But ...

It's ironic that Congressional Democrats and Republicans say they're willing to compromise on cybersecurity legislation. With so much else these days in Congress, compromise is not a 10-letter, but 4-letter word.

The irony is that despite the willingness for give and take on IT security legislation, the negative environment that has taken hold in Congress - and American politics as well - might prevent meaningful cybersecurity legislation from coming up for a vote even though there are many areas of agreement.

In introducing the House Republican legislative agenda for cybersecurity on Wednesday (see House GOP Unveils Cybersecurity Agenda), Rep. Mac Thornberry, the Texan who servers as the House GOP traffic cops on infosec matters, expressed a willingness to compromise: "There's a lot of room to work together within Congress and with the White House. It's essential that we do so because of the economic aspects and national security aspects [of IT]."

And, Democrats were as effusive in seeking common ground. Encouraged by the Republican task force findings, Sen. Tom Carper, D-Del., who chairs a subcommittee with cybersecurity oversight, called on both houses to "redouble our efforts to pass this much needed cybersecurity legislation as soon as possible."

There are areas of fundamental disagreement on cybersecurity, such as how to get the mostly privately owned operators of the nation's critical IT infrastructure to assure their IT systems and networks are secure. Democrats, generally, favor tightening regulations; Republicans prefer voluntary incentives. Those differences won't be bridged in the 112th Congress.

But both sides seem to agree on the need to enhance the cyber needs of law enforcement; hiring new IT security personnel; and the need to address data breach notification. Another area where consensus exists is in reforming the Federal Information Security Management Act, the law that governs federal government IT security compliance. The GOP proposal is very similar to legislation Carper has championed for years that would require continuous monitoring of government IT systems. Indeed, there wouldn't need to be much compromising on FISMA reform because both sides are in general agreement.

Still, the toxic political atmosphere will likely prevent even legislation that has nearly universal agreement from passing both houses and reaching the president's desk for his signature. The unexpected has occurred in Congress before and could again. Perhaps lawmakers will prove me wrong. I hope so.



About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.