TRENDING:

The Public Eye with Eric Chabrow

Tale of Two Cybersecurity Bills

Eric Chabrow (GovInfoSecurity) • August 19, 2009    
Tale of Two Cybersecurity Bills

Will a bill to let the president shutter Internet traffic ever become law? Don't bet on it.

S. 773 would give the president the authority to declare a cyber emergency if conditions warrant and halt Internet traffic between federal IT systems and the nation's critical IT infrastructure. The measure, also known as the Cybersecurity Act of 2009, was assigned to the Senate Commerce, Science and Transportation Committee, chaired by its chief sponsor, Sen. Jay Rockefeller, D.-W.Va. (An earlier blog entry incorrectly stated S. 773 was assigned to the Senate Committee on Homeland Security and Governmental Affairs.)

The Internet was designed by the Defense Department to function in the event of a nuclear attack, the exact opposite of the intent of the legislation. 

It's been 3½ months since the introduction of S. 773, but no word has surfaced on what changes, if any, have been or will be made to the bill. A committee representative declined to publicly comment on the bill. But one source says Rockefeller who is on vacation has yet to inform the committee's communications staff what changes, if any, he intends for the bill.

Meanwhile, staffers on the Senate Homeland Security and Governmental Affairs Committee have been busy this summer revising another key cybersecurity measure, the U.S. Information and Communications Enforcement Act of 2009, or S. 921, which would update the Federal Information Security Management Act of 2002, the main law governing federal IT security. Revisions to the original S. 921 introduced in April includes shifting many cybersecurity policymaking responsibilities to the Department of Homeland Security from the White House Office of Management and Budget as well as dropping a provision to establish a National Cyberspace Office in the White House. By fall, Homeland Security and Governmental Affairs Committee members are expected to meet in a markup session to finalize the wording of the measure. A Senate vote on the revised bill could occur by year's end or early next year, the staff says.

No such activity yet on S. 773. The well-connected senior cybersecurity staffer on the Homeland Security panel says the Rockefeller measure is just too controversial to ever be enacted, noting the provision to grant the president power to halt Internet traffic has won very little support in Congress. He says that re-architecting federal IT systems and the Internet to allow the president top stop Internet traffic would be economically prohibitive. That's a point made at a House hearing this spring by Peter Fonash, acting deputy assistant secretary of cybersecurity communications at the Department of Homeland Security:

"When you're talking about the Internet, you're really talking about AT&T, Verizon and Sprint. Everyone uses those networks. It's a common carrier perspective here; so it's very difficult to take it off grids."

Besides, the staffer points out, the decentralized nature of the Internet was designed by the Defense Department to function in the event of a nuclear attack, keeping communications going, the exact opposite of the intent of the Rockefeller bill.



About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Closing Privacy 'Loopholes' in Reproductive Healthcare Data
Closing Privacy 'Loopholes' in Reproductive Healthcare Data
HHS OCR Leader: Agency Is Cracking Down on Website Trackers
HHS OCR Leader: Agency Is Cracking Down on Website Trackers
Why Legacy Medical Systems Are a Growing Concern
Why Legacy Medical Systems Are a Growing Concern
Checking Out Security Before Using AI Tools in Healthcare
Checking Out Security Before Using AI Tools in Healthcare
HIPAA Considerations for AI Tool Use in Healthcare Research
HIPAA Considerations for AI Tool Use in Healthcare Research
Why Health Entities Need to Implement NIST Cyber Framework
Why Health Entities Need to Implement NIST Cyber Framework
What's Inside Washington State's New My Health My Data Act
What's Inside Washington State's New My Health My Data Act
Efficient Management of Enterprisewide Data Protection
Efficient Management of Enterprisewide Data Protection
CyberArk CEO Touts New Browser That Secures Privileged Users
CyberArk CEO Touts New Browser That Secures Privileged Users
Why Aren't 3rd Parties More Transparent About Breaches?
Why Aren't 3rd Parties More Transparent About Breaches?

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.