In a Wall Street Journal op-ed published this morning, President Barack Obama urged the Senate to pass a bill that would enable more information sharing between government and private companies in order to avoid major cyber security breaches.
"My administration has made cybersecurity a priority, including proposing legislation to strengthen our nation's digital defenses," the president wrote.
"For the sake of our national and economic security, I urge the Senate to pass the Cybersecurity Act of 2012 and Congress to send me comprehensive legislation so I can sign it into law."
The newly revised act, while still enhancing government-private cooperation on cyber security, no longer requires private companies to live up to government-proposed security standards, instead allowing them to opt into a voluntary cybersecurity program.
This program would offer incentives to industry that certified through third-party assessment that it is living up to government cyber security standards.
The revisions were made in an framework agreement between bill sponsors Sens. Joe Lieberman (I-Conn.), Susan Collins (R-Maine), Jay Rockefeller (D-W.Va.), Dianne Feinstein (D-Ca.) and Tom Carper (D-Del.) and Sens. Jon Kyl (R-Ariz.) and Sheldon Whitehouse (D-RI).
Sens. John McCain (Ariz.) and Kay Bailey Hutchison (Texas) had opposed to previous bill on the basis of business privacy concerns.
"While the bill we introduced in February is stronger, this compromise will significantly strengthen the cybersecurity of the nation's most critical infrastructure and with it our national and economic security," Lieberman, also chairman of the Senate Homeland Security and Governmental Affairs Committee, said.
"While I still prefer the regulatory approach, and believe that it would better protect our country, we are moving forward in the spirit of compromise with an incentives-based voluntary approach because it is a crucial matter of public safety and national security," Rockefeller, also chairman of the Senate Commerce Committee, said.
Consistent with the February version, the law would still allow sharing of classified cybersecurity threat indicators between government and industry while protecting the privacy concerns of companies.
A National Cybersecurity Council would be established, headed by Department of Homeland Security Secretary Janet Napolitano, to assess cyber risks sector-by-sector.
The DHS has made it clear increased cyber security is of paramount concern, especially since "forecasts for 2011 and beyond project continued increases in both the volume and virulence of cyber attacks."
Senate Homeland Security and Governmental Affairs Committee Susan Collins highlighted these risks in remarks made at the bills introduction Thursday.
"The owners and operators of critical infrastructure reported nearly 200 cyber intrusions in 2011, a 400 percent increase from the previous year," Collins said, adding, "Moreover, U.S. companies lose about $250 billion a year through intellectual property theft, $114 billion to theft through cyber crime and another $224 billion in down time the thefts caused."
"Today we can see the cyber threat to the networks upon which so much of our modern American lives depend. We have the opportunity - and the responsibility - to take action now and stay a step ahead of our adversaries," the president wrote in his op-ed.
Lieberman said the Senate hopes to take up the bill by the end of the week.
by RTT Staff Writer
For comments and feedback: email@example.com