During a summer in which the head of the National Security Agency revealed that cyberattacks on business and government have increased 1700 percentand in which said NSA chief openly invited hackers to join forces with the U.S. government at a conference in Vegasso did a highly anticipated piece of cybersecurity legislation meet a bitter end. Both of which should be turning the heads of corporate risk officers.
On Thursday, a filibuster by Senate Republicans blocked the Cybersecurity Act of 2012 at a critical juncture, killing the possibility of a full vote before the Congresss August recessand quite possibly ending the bills chances at passage for the rest of the year.
The bill called for new standards to secure computer networks across critical infrastructure industriesincluding energy and banking. Sponsored by an Independent and a Republican, the sponsors had already revamped the legislation in an effort to attract more Republican votes. And its defeat has prompted laments from the White House, lawmakers, and a host of security experts.
So how did a bill with so many supporters end up . . . nowhere?
Objections raised by the U.S. Chamber of Commerce played a major role, as a story by Ken Dilanian in the Los Angeles Times illustrates. The Chamber opposed mandatory security standards for critical infrastructure companies, which were in an earlier version of the bill. Even when those requirements were scaled back, however (leading to complaints that the bill had lost its teeth), opposition from the Chamber continued, according to the Times:
“The chamber believes [the bill] could actually impede U.S. cybersecurity by shifting businesses’ resources away from implementing robust and effective security measures and toward meeting government mandates,” Bruce Josten, the Chamber’s chief lobbyist, wrote in a letter to senators Tuesday.
To U.S. intelligence officials, that made no sense: “It’s incomprehensible why they are opposing it,” White House counter-terrorism advisor John Brennan told the L.A. Times. “It’s not grounded in facts nor in national security concerns.”
Among senators, the bills defeat also led to harsh words. As The New York Times laid out in a succinct recap, CSA co-sponsor Senator Joe Lieberman (I-Connecticut) sparred with his longtime ally Senator John McCain (R-Arizona), who led the opposition. Meanwhile, the CSAs other co-sponsor, Republican Senator Susan Collins of Maine, called the loss a shameful day and said she was disappointed in the Senates lack of urgency on the matter.
I cannot think of another area where the threat is greater and we are less prepared, Collins said, according to the NY Times.
Plenty of others echoed similar sentiments.
Representative Mac Thornberry, a Republican from Texas and vice chairman of the House Armed Services Committee, called the Senates inability to move ahead with a vote particularly disappointing. In a blog post for The Hill, he wrote:
Unfortunately, we do not dictate the terms of the cyber war we are in, and the tempo of the fight does not slow down to wait for Congress to act. Cyber threats pose a significant risk to our national security as well as our nations critical infrastructure and our economy. Every day, government and private networks are being attacked. Valuable information is being stolen from American companies, making them weaker and less competitive.
