Cybersecurity legislation may soon find a way through the Senate. If a bill does make it through the upper house of the US Congress, it will still face reconciliation with the House itself. However, the bill discussed as a potential deadlock breaker in the Senate, could be an utter nonstarter in the West Wing, making the exercise moot.
To catch you up, the House passed a bill called CISPA that dealt with cybersecurity. Due to a lack of enforced standards for critical infrastructure, and privacy concerns, the White House promised to veto it. Following, the Senate began to craft its own bills on the subject. However, the leading bill in the Senate has the standards that the House is opposed to.
Another bill in the Senate, the Kyl-Whitehouse proposal, is trying to find a middle ground. Via The Hill, here’s how Jessica Herrera-Flanigan, a lobbyist, described current expectations in Washington: “Everyone is anticipating the emergence of some type of bipartisan compromise to break the current stalemate.” That’s a big statement, given how long the Senate has been gridlocked over the issue.
What is the compromise? It will likely not involve standards to infrastructure digital security, but incentives. Thus, utilities and the like won’t be forced into anything, but they can be coaxed. Such a proposal might pass the Senate, provided that Lieberman and his bill step aside, and it might even find support on the House. Whether the President will sign it remains unclear. The Obama administration has been firm that it expects to see standards in any cybersecurity bill that it signs.
Underscoring that viewpoint was a recent report that detailed cyber attacks against infrastructure points. However, most of the attacks ended up being due accidental infections due to lax or nonexistent security systems and other avoidable failures. To cut out the requirement for better safety may do little to help close gaping security holes. As TNW concluded, after analyzing the report:
In Congress at the moment there is a struggle between two perspectives. One states that mandatory cybersecurity standards should be placed on critical infrastructure. The other view is that any such regulation is unacceptable. Given the findings of this report, you have to wonder if a stiffening of the rules that our water and power system must obey would be such a bad thing.
If a bill manages to clear the Senate, and pass the House, but fails to receive the President’s signature, all bets are off.
Top Image Credit: Carol Atlantica