Senate Panel Approves Cybersecurity ActFate of Bipartisan Bill in Full Senate Uncertain
The measure, S. 773, goes to the Senate where its fate is uncertain. The comprehensive legislation is aimed at beefing up the defenses of the government's computer systems and the nation's mostly privately owned critical IT infrastructure, including the creation of a cyber emergency response plan that would be jointly developed by the government and businesses represented by sector coordinating councils. The measure also promotes cybersecurity public awareness, IT security education and research and development.
Cybersecurity hasn't been a partisan issue, but economics is, and a collision of the two almost occurred in the Senate committee.
Arizona Republican Sen. John Ensign offered an amendment to remove bill provisions that would have required cybersecurity certification and compliance requirements on the privately owned companies that operate the nation's critical IT infrastructure. Sen. Kay Bailey Hutchison of Texas, the committee's ranking Republican, presented an amendment to prohibit regional cybersecurity centers from competing with private-sector services. Those amendments never came up for a vote.
Amendments by Marie Cantwell, D-Wash., to make it clear that sector coordinating council have no delegated federal authority and require publicly traded companies that don't substantially comply with the bill's provisions after two successive quarters to inform their shareholders in their 10-Q filings that their systems are at risk. The committee never voted on those amendments, either.
The bill was approved without debate, though several senators offered comments as the panel members awaited a quorum. Rockefeller explained that unlike the past, where government provided nearly all of the defense, that's no longer the case in Internet century. "It is no longer government alone protecting the country; it's all of us together," he said.
Though far from identical, the Rockefeller-Snowe bill shares many of the provisions and goals of the Cybersecurity Enhancement Act that the House approved late last year.
The measure approved Wednesday is the first major information security legislation to make it to the full Senate in the 111th Congress. A number of other cybersecurity bills are in committees and Senate Homeland Security and Government Affairs Committee Chairman Joseph Lieberman, I.-Conn., has promised to introduce his own comprehensive cybersecurity bill. Senate Majority Leader Harry Reid, D.-Nev., is said to have told the sponsors of the various bills to cooperate in creating an omnibus cybersecurity measure.
Still, even with cooperation from both sides of the aisle, chances Congress would pass significant cybersecurity legislation is iffy, as both chambers bog down on more contentious issues such as healthcare, immigration, employment and the economy, and lawmakers see the approaching November elections and focus their attention on getting re-elected.