Cybersecurity bill would create costly regulations, say critics

Some Republican senators and the Chamber of Commerce call for the Senate to slow down its efforts to pass a new bill

Leaders in the U.S. Senate are trying to fast-track new cybersecurity legislation that will create costly new regulations for some businesses, some critics said Thursday.

A plan by Senate Democrats to move the Cybersecurity Act, introduced this week, directly to the Senate floor for a vote raises serious questions about the process and will lead to bureaucrats at the U.S. Department of Homeland Security writing regulations for businesses that control critical infrastructure, said Senator John McCain, an Arizona Republican, during a hearing on the bill.

The Cybersecurity Act, introduced Tuesday by four senators, would allow DHS to "promulgate prescriptive regulations on American businesses," McCain said. "The regulations that would be created under this bill authority would stymie job creation, blur the definition of private property rights and divert resources from actual cybersecurity to compliance with government mandates."

The wide-ranging bill would require operators of so-called critical infrastructure networks to adopt cybersecurity practices if evaluations by DHS find their security lacking. The legislation would cover operators of systems that, if compromised, would cause mass death, evacuation or major damage to the U.S. economy.

The bill would allow owners of critical infrastructure systems to decide how best to meet the performance standards developed in cooperation with DHS.

McCain was among seven Republican senators who, in a Tuesday letter to Senate leadership, called for multiple hearings on the legislation. The Senate needs to have a serious discussion about whether DHS is the best agency to protect the U.S. against cyberattacks or whether the Department of Defense or National Security Agency might be better suited, McCain said.

Thomas Ridge, chairman of the National Security Task Force at the U.S. Chamber of Commerce and a former U.S. secretary of homeland security, also voiced opposition to the bill during the hearing, before the Senate Homeland Security and Governmental Affairs Committee. The bill doesn't appear to have a limit on what businesses DHS can designate as critical infrastructure, he said.

Cybersecurity mandates may not be effective, Ridge added. "Frankly, the attackers and the technology move a lot faster than any regulatory body or political body will ever be able to move," he said.

But supporters of the bill argued that new cybersecurity measures are needed. Lawmakers have been working on a comprehensive cybersecurity bill for years, and this legislation is a product of dozens of past hearings and meetings between lawmakers and business leaders, said Senator Joe Lieberman, a Connecticut independent and sponsor of the bill.

While critics call for delays, cyberthieves are looting U.S. businesses and government agencies, added Senator Susan Collins, a Maine Republican and co-sponsor. Sponsors made several changes to the bill in response to concerns from the Chamber of Commerce, she said.

"This bill is urgent," Collins said. "We can't wait to act. We cannot wait until our country has a catastrophic cyberattack."

Janet Napolitano, current secretary at DHS, and Stewart Baker, a former official at DHS and the NSA, both voiced support for the bill.

Although some critics have called for a stripped-down bill that deals mainly with security efforts at government agencies, "now is not the time for half-measures," Napolitano said.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Grant Gross

IDG News Service
Show Comments

Cool Tech

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Breitling Superocean Heritage Chronographe 44

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?