Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

New US cybersecurity act could be costly for some critical system vendors

Some Republican senators and the Chamber of Commerce call for the Senate to slow down its efforts to pass a new bill

Article comments

Leaders in the US Senate are trying to fast-track new cybersecurity legislation that will create costly new regulations for some businesses, some critics said Thursday.

A plan by Senate Democrats to move the Cybersecurity Act, introduced this week, directly to the Senate floor for a vote raises serious questions about the process and will lead to bureaucrats at the US Department of Homeland Security writing regulations for businesses that control critical infrastructure, said Senator John McCain, an Arizona Republican, during a hearing on the bill.

The Cybersecurity Act, introduced Tuesday by four senators, would allow DHS to "promulgate prescriptive regulations on American businesses," McCain said. "The regulations that would be created under this bill authority would stymie job creation, blur the definition of private property rights and divert resources from actual cybersecurity to compliance with government mandates."

Bill would affect critical systems to the US economy

The wide-ranging bill would require operators of so-called critical infrastructure networks to adopt cybersecurity practices if evaluations by DHS find their security lacking. The legislation would cover operators of systems that, if compromised, would cause mass death, evacuation or major damage to the US economy.

The bill would allow owners of critical infrastructure systems to decide how best to meet the performance standards developed in cooperation with DHS.

McCain was among seven Republican senators who, in a Tuesday letter to Senate leadership, called for multiple hearings on the legislation. The Senate needs to have a serious discussion about whether DHS is the best agency to protect the US against cyberattacks or whether the Department of Defense or National Security Agency might be better suited, McCain said.

Thomas Ridge, chairman of the National Security Task Force at the US Chamber of Commerce and a former US secretary of homeland security, also voiced opposition to the bill during the hearing, before the Senate Homeland Security and Governmental Affairs Committee. The bill doesn't appear to have a limit on what businesses DHS can designate as critical infrastructure, he said.

Cybersecurity mandates may not be effective, Ridge added. "Frankly, the attackers and the technology move a lot faster than any regulatory body or political body will ever be able to move," he said.

Critics calling for stripped-down bill that won't affect everyone

But supporters of the bill argued that new cybersecurity measures are needed. Lawmakers have been working on a comprehensive cybersecurity bill for years, and this legislation is a product of dozens of past hearings and meetings between lawmakers and business leaders, said Senator Joe Lieberman, a Connecticut independent and sponsor of the bill.

While critics call for delays, cyberthieves are looting US businesses and government agencies, added Senator Susan Collins, a Maine Republican and co-sponsor. Sponsors made several changes to the bill in response to concerns from the Chamber of Commerce, she said.

"This bill is urgent," Collins said. "We can't wait to act. We cannot wait until our country has a catastrophic cyberattack."

Janet Napolitano, current secretary at DHS, and Stewart Baker, a former official at DHS and the NSA, both voiced support for the bill.

Although some critics have called for a stripped-down bill that deals mainly with security efforts at government agencies, "now is not the time for half-measures," Napolitano said.




Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *