The US want to ensure that "Companies running computer networks essential to US economic and national security" are better defended "from spies, hackers and terrorists".
From today's FT, FYI,
February 14, 2012 11:18 pm
Senators urged on cyber security bill
By Paul Taylor in New York
Companies running computer networks essential to US economic and national security would be required to better defend their systems from spies, hackers and terrorists under a comprehensive cybersecurity bill unveiled by leading senators.
The bill, drafted by senators John Rockefeller and Dianne Feinstein, both Democrats; Susan Collins, a Republican, and Joe Lieberman, an independent, combines elements of several cybersecurity bills introduced over the past three years into one measure.
Under it, the Homeland Security Department would have the power to identify systems that could cause mass casualties or catastrophic economic damage if attacked. The agency would then set regulations requiring operators of critical networks to improve security and companies would have to show that their networks are secure or face penalties.
Harry Reid, a Nevada Democrat and Senate majority leader, has said he wants to bring the bill to the chamber’s floor for a vote as soon as possible while the Senate Homeland Security and Governmental Affairs Committee scheduled a hearing on the bill for later this week.
Lawmakers and regulators say new rules are needed to fight more sophisticated cyber attacks that threaten to disrupt water supplies, power grids, banks and communications networks.
Underscoring the apparent urgency, Mr Rockefeller, who introduced the bill on the Senate floor on Tuesday, warned: “We are on the brink of what could be a calamity. A widespread cyberattack could potentially be as devastating to this country as the terror attacks that tore apart this country 10 years ago.”
Mr Rockefeller noted hackers’ recent success in breaking into sensitive government agencies and major companies including several in the defence sector and warned that air traffic control, rail switching networks and chemical pipelines could be the next target.
“We can act now and try and prepare ourselves as best as we can, or we can wait and we will be surprised with what happens. I’m here to argue that we should act now,” Mr Rockefeller said.
The proposed legislation would also ease information-sharing between the federal government and the private sector to combat cyber crime and espionage and would require the government to take steps to secure its own networks.
The push for cybersecurity legislation has intensified following attacks last year on a wide range of companies including Citigroup, the third-largest US bank by assets, and Bethesda, Maryland-based Lockheed Martin, the world’s largest defence company.
A report published late last year by the National Counterintelligence Executive, an advisory panel of senior US security officials, suggested that hackers from China and Russia in particular are pursuing American industrial secrets, jeopardising an estimated $398bn in US research.
But despite the scale of the potential problem, industry groups led by the US Chamber of Commerce, the nation’s largest business-lobbying group, have urged lawmakers to delay consideration of the new bill and called for hearings before any floor vote, citing concerns about added expenses for companies.
“Rushing forward with legislation that has not been fully vetted would be a major mistake,” said Bruce Josten, the chamber’s executive vice president of government affairs, in a letter sent last month to Mr Reid and Mitch McConnell, the Senate minority leader and a Kentucky Republican.
The chamber and some Republicans in the House of Representative favour legislation that relies on incentives, rather than rules, to improve security and have proposed less sweeping legislation setting the stage for a congressional battle over the Senate bill.
Copyright The Financial Times Limited 2012.