Sen. Joseph Lieberman (I/D-Conn.) said recently he expects his co-sponsored cybersecurity legislation to hit the Senate floor as early as the end of June, but no later than July.
“I’m as confident as I can be that this will come up no later than July, with the caveat in the Senate these days that you know it comes up when it is actually called up by the clerk in the Senate,” Lieberman said recently at a Capitol Hill cybersecurity demonstration. Lieberman is the chairman of the Senate Homeland Security and Government Affairs committee.
Senate Majority Leader Harry Reid (D-Nev.) said in a floor statement that he intends to bring the cybersecurity legislation to the upper chamber’s floor “at the earliest possible date.”
But Lieberman said it could happen before Senate holiday recess or afterward.
“Depending on the course of Senate conduct on other legislation, it’s not clear to me yet whether that means the cybersecurity bill will be up before the end of this work period, that is, before the end of June, or if it will come up after July 4th.”
Lieberman, along with Sens. Susan Collins (R-Maine), Jay Rockefeller (D-W.Va.) and Dianne Feinstein (D-Calif.), are sponsoring a bill that, among other things, seeks to establish mandatory cybersecurity standards for much of the nation’s critical infrastructure, the majority of which is owned and operated within the private sector. The bill, called the Cyber Security Act of 2012 (S. 2105), would also create authorities for the Department of Homeland Security (DHS) to enforce minimum cyber security standards in the private sector.
The bill also requires information sharing between the private sector and federal government on threats, incidents, best practices and fixes while also maintaining civil liberties and privacy.
Lieberman, during questions from reporters, clarified what would be considered “critical cyber infrastructure” in his legislation. He said, “In layman’s terms, you have to be operating cyber infrastructure which, if attacked successfully, could cause mass casualties, catastrophic economic loss to our country and definitive compromising of our national security.”
“Really, you’re talking about not your small, local business that happens to be on the Internet, even if it is involved in sensitive activities,” Lieberman said. “You’re talking about the electric power grid, gas and oil pipelines…infrastructure, cyber systems controlling water supply and financial system controls.”
Competing legislation introduced in the Senate, co-sponsored by John McCain (R-Ariz.) and six other Republican senators, avoids government mandates for minimum cyber security standards in favor of voluntary best practices and standards. It also calls for removing legal barriers to voluntary information sharing within existing structures. The legislation is titled Strengthening and Enhancing Cybersecurity by Using Research, Education, Information and Technology (SECURE IT Act) (S. 2151).