Senator Jay Rockefeller
The chairman of the Senate Commerce Committee submitted on Thursday an already-approved cybersecurity bill to be considered as an amendment to next year’s National Defense Authorization Act.
If the amendment manages to stay intact as Congress prepares to approve the 2014 NDAA, Sen. Jay Rockefeller (D-West Virginia)’s Cybersecurity Act of 2013 may finally be codified into law.
Rockefeller’s proposal, S.1353, was unanimously approved by the Commerce Committee in July but has stayed relatively dormant ever since. On Thursday he submitted that bill as an amendment to be considered as part of an annual Pentagon spending plan that could fast track his attempts to land his proposal on President Barack Obama’s desk after attempts in Congress to adopt cybersecurity legislation have largely proven to be futile.
In a statement made by Rockefeller that circulated earlier this week, the 75-year-old senator suggested that the time is now upon Congress to finally enact a bill that would mandate precautions be taken to protect America’s cyber infrastructure and the private entities attached to it amid ongoing reports of high-powered attacks aimed at the likes of government computers and the networks of critical services.
“The Commerce Committee took action months ago and unanimously passed this bipartisan bill that will improve the nation’s cybersecurity. But it’s been sitting on the sidelines for too long and there’s too much at stake to not look for every opportunity to pass it in the Senate,” Rockefeller said in a statement first published on Wednesday by John Eggerton at Multichannel News. “So I’m introducing that legislation as an amendment to the Defense Authorization bill and imploring my colleagues to join me in supporting this effort.”
According to Rockefeller, his bill “creates an environment that will cultivate the public-private partnerships essential to strengthening our nation’s cybersecurity.” When it was first introduced in the Senate earlier this year, the Commerce Committee said passage of the bill would “Formalize cybersecurity as one of [National Institute of Standards and Technology]’s priority areas of focus” and “create a NIST-facilitated, industry-driven process for developing a set of voluntary cybersecurity standards for critical infrastructure.” At the time it received endorsements from the likes of AT&T, Verizon, Motorola Solutions, the Electric and Nuclear Power Coalition, IBM and the US Chamber of Congress.
“I’ve always thought this was a great way to emphasize the critical need for a public-private approach when it comes to solving our most pressing cybersecurity issues,” Rockefeller said then.
Since Congress will need to approve a version of the NDAA in order to authorize the Pentagon’s funding for the next fiscal year, the addition of Rockefeller’s bill as an amendment ensures that it will at least be considered by his colleagues for passage in the coming weeks, setting the stage for lawmakers to finally let a cybersecurity bill of this capacity become codified.
In 2012, attempts in Congress to pass the Cyber Intelligence Sharing and Protection Act, or CISPA, ultimately failed due largely in part to a major public campaign that condemned the would-be law due to allegations that it would erode privacy on the web by encouraging the growth of a public-private partnership between internet companies and the federal government.
Proponents of CISPA, including then-Secretary of Defense Leon Panetta, said at the time that America was at a “pre-9/11 moment” and warned that a “Cyber-Pearl Harbor that would cause physical destruction and the loss of life” could soon occur on American soil if the country’s critical infrastructure and top-tier businesses weren’t obligated to come together and share information about potential hacks waged at US networks.
The architects of CISPA have since reintroduced their bill, and Pres. Obama signed an executive order in February that mandated administration officials to come up with standards to reduce cybersecurity risks and encourage companies to adopt the new framework.
“We know hackers steal people’s identities and infiltrate private e-mail,”Obama said after signing the order in February.“We know foreign countries and companies swipe our corporate secrets. Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems.”