This is the latest in a series of columns from attorneys at O’Melveny & Myers LLP, examining the intersections of the political and legal worlds in the run-up to Election Day 2012. Last week’s effective defeat of the proposed Cybersecurity Act of 2012, due to the failure in the Senate to secure the 60 votes needed to cut off a filibuster, appears to the mark the end of this year’s efforts to enact legislation confronting the threat of cybersecurity to critical U.S. infrastructure. Perhaps inevitably, in an election season the Congress could not choose between two very different visions. That some action is needed in the realm of cybersecurity is the one thing beyond debate. Over the last year, supporters of various versions of legislation have emphasized that the nation’s critical infrastructure—including electrical grids, water stations, and telecommunications systems—is a target for cyberattacks. Indeed, in July, the head of the National Security Agency and the U.S. Cyber Command said that computer attacks on U.S. infrastructure had increased seventeen-fold between 2009 and 2011, and expressed the view that, on a scale of 1-10, U.S. preparedness for a large cyberattack is around a three. What action should be taken to address this threat, however, sparked sharp partisan disagreement. In the Senate, for example, supporters of the bill backed by the Obama Administration were unable to mollify its opponents’ concerns—that the provision incentivizing companies to adopt voluntary cybersecurity standards was simply a guise for developing de facto mandatory standards, that the authority to aggregate cyberattack information had been delegated to the wrong agency, and that the bill’s provisions did not strike the right balance between national security, private innovation and self-governance, and civil liberties. The Senate may try again in September, but with few legislative days remaining on the congressional calendar, the election looming, and a busy lame duck session in the offing, the more likely outcome is that, following the election, the next administration—whether led by President Obama or Governor Romney—will address the national cybersecurity problem through executive action. Because corporate systems will be the primary focus of cybersecurity reforms, it is an ideal time for companies and their in-house counsel to assess the strength of their existing cybersecurity programs. Indeed, for corporate counsel, cybersecurity must figure prominently in any conversation about long-term strategic risks to their company’s interests. An important strategic consideration for an internal assessment is, of course, the form that executive action may take. Consider the following:
To view this content, please continue to Lexis Advance®.
Not a Lexis Advance® Subscriber? Subscribe Now
LexisNexis® is now the exclusive third party online distributor of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® customers will be able to access and use ALM's content by subscribing to the LexisNexis® services via Lexis Advance®. This includes content from the National Law Journal®, The American Lawyer®, Law Technology News®, The New York Law Journal® and Corporate Counsel®, as well as ALM's other newspapers, directories, legal treatises, published and unpublished court opinions, and other sources of legal information.
ALM's content plays a significant role in your work and research, and now through this alliance LexisNexis® will bring you access to an even more comprehensive collection of legal content.
For questions call 1-877-256-2472 or contact us at firstname.lastname@example.org