Cybersecurity bill would create costly regulations, say critics

Some Republican senators and the Chamber of Commerce call for the Senate to slow down its efforts to pass a new bill

Leaders in the U.S. Senate are trying to fast-track new cybersecurity legislation that will create costly new regulations for some businesses, some critics said Thursday.

A plan by Senate Democrats to move the Cybersecurity Act, introduced this week, directly to the Senate floor for a vote raises serious questions about the process and will lead to bureaucrats at the U.S. Department of Homeland Security writing regulations for businesses that control critical infrastructure, said Senator John McCain, an Arizona Republican, during a hearing on the bill.

The Cybersecurity Act, introduced Tuesday by four senators, would allow DHS to "promulgate prescriptive regulations on American businesses," McCain said. "The regulations that would be created under this bill authority would stymie job creation, blur the definition of private property rights and divert resources from actual cybersecurity to compliance with government mandates."

The wide-ranging bill would require operators of so-called critical infrastructure networks to adopt cybersecurity practices if evaluations by DHS find their security lacking. The legislation would cover operators of systems that, if compromised, would cause mass death, evacuation or major damage to the U.S. economy.

The bill would allow owners of critical infrastructure systems to decide how best to meet the performance standards developed in cooperation with DHS.

McCain was among seven Republican senators who, in a Tuesday letter to Senate leadership, called for multiple hearings on the legislation. The Senate needs to have a serious discussion about whether DHS is the best agency to protect the U.S. against cyberattacks or whether the Department of Defense or National Security Agency might be better suited, McCain said.

Thomas Ridge, chairman of the National Security Task Force at the U.S. Chamber of Commerce and a former U.S. secretary of homeland security, also voiced opposition to the bill during the hearing, before the Senate Homeland Security and Governmental Affairs Committee. The bill doesn't appear to have a limit on what businesses DHS can designate as critical infrastructure, he said.

Cybersecurity mandates may not be effective, Ridge added. "Frankly, the attackers and the technology move a lot faster than any regulatory body or political body will ever be able to move," he said.

But supporters of the bill argued that new cybersecurity measures are needed. Lawmakers have been working on a comprehensive cybersecurity bill for years, and this legislation is a product of dozens of past hearings and meetings between lawmakers and business leaders, said Senator Joe Lieberman, a Connecticut independent and sponsor of the bill.

While critics call for delays, cyberthieves are looting U.S. businesses and government agencies, added Senator Susan Collins, a Maine Republican and co-sponsor. Sponsors made several changes to the bill in response to concerns from the Chamber of Commerce, she said.

"This bill is urgent," Collins said. "We can't wait to act. We cannot wait until our country has a catastrophic cyberattack."

Janet Napolitano, current secretary at DHS, and Stewart Baker, a former official at DHS and the NSA, both voiced support for the bill.

Although some critics have called for a stripped-down bill that deals mainly with security efforts at government agencies, "now is not the time for half-measures," Napolitano said.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Grant Gross

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?