New year, new cyber bill introduced by lawmakers

Share this article:

Lawmakers are again trying to pass cyber security legislation that would formalize cooperation among businesses and the federal government to help better defend the nation's critical infrastructure.

On Wednesday, a group of seven Democratic senators, led by John Rockefeller IV, D-W.Va., introduced the Cybersecurity and American Cyber Competitiveness Act of 2013. The bill has been referred to committee for discussion and amendments before it returns to the Senate floor for a vote.

The language in the measure has not yet been firmed up, but it is expected to create mechanisms for threat information sharing, workforce development, risk assessment and identity theft prevention.

In November, the Senate struck down another largely Democratic-backed security bill, the Cybersecurity Act of 2012, in a 51-47 vote.

Democrats hope the new bill can gain bipartisan support by encouraging "collaboration" between the public and private sector, as opposed to requiring it.

Previous versions of the bill received criticism for the potential cost burden placed on businesses, particularly small companies, which would be forced to follow additional regulations that may not necessarily improve security. The bill also raised civil liberties concerns, as well as apprehension about the government having too much access to private companies' data.

Despite the objections, Ira Winkler, president of the Information Systems Security Association (ISSA), a nonprofit group of IT security professionals, told SCMagazine.com on Friday that Congress must act sooner or later.

“There's never been a perfect law written,” Winkler said. “But in the absence of a requirement, we have nothing. The law, as it is, is not going to be perfect. It will fall short of what is actually needed to achieve a good level of security. But what it will do is raise the bar, because right now there is no bar. Self-regulation has not worked.”

Share this article:

Sign up to our newsletters

More in News

Research shows vulnerabilities go unfixed longer in ASP

Research shows vulnerabilities go unfixed longer in ASP

A new report finds little difference in the number of vulnerabilities among programming languages, but remediation times vary widely.

Bill would restrict Calif. retailers from storing certain payment data

The bill would ban businesses from storing sensitive payment data, for any long than required, even if it is encrypted.

Amplification, reflection DDoS attacks increase 35 percent in Q1 2014

Amplification, reflection DDoS attacks increase 35 percent in ...

The Q1 2014 Global DDoS Attack Report reveals that amplification and reflection distributed denial-of-service attacks are on the rise.