By Emelie Rutherford
Senate leadership’s new push to quickly move cybersecurity legislation will kick off today with a hearing on a hot-button bill that would give the Department of Homeland Security (DHS) responsibility for protecting civilian networks.
This expanded role of DHS is one area of the new legislation unveiled last week that has spurred opposition, as has a proposal in it to give the administration emergency powers to shut down some critical private-sector networks during attacks.
Technology industry lobbyists have sounded alarms over giving DHS such expanded regulatory authority, and privacy advocates already succeeded in killing language giving the president emergency powers to shut down private networks that was in a different cybersecurity bill.
These concerns are expected to be aired at the Senate Homeland Security and Governmental Affairs Committee’s afternoon hearing on the Protecting Cyberspace as a National Asset Act of 2010. Committee Chairman Joe Lieberman, (I/D-Conn.) and Ranking Member Susan Collins (R-Maine), along with member Tom Carper (D-Del.), unveiled the bill last Thursday.
A slew of bills intended to protect U.S. networks from cyber attacks have been filed in Congress this session. Those include the Cybersecurity Act of 2010, filed by Sens. John Rockefeller (D-W.Va.) and Olympia Snowe (R-Maine) and approved in March by the Senate Commerce Committee; this is the bill that initially, but no longer, called for giving the president more power over private networks.
The new Protecting Cyberspace as a National Asset Act of 2010 bill is significant, aides said, and cybersecurity legislation is expected to move quickly in the Senate.
Lieberman, who pledged to work with Rockefeller, said his committee will mark up the legislation next week.
Senate Majority Leader Harry Reid (D-Nev.) is “very encouraged” the Homeland Security committee “has put forward a very substantive contribution to the cyber security debate,” Reid spokeswoman Regan Lachapelle said yesterday.
Reid met last Wednesday about cybersecurity with Sens. Lieberman, Carl Levin (D-Mich.), Dianne Feinstein (D-Calif.), Patrick Leahy (D-Vt.), and John Kerry (D-Mass.).
“The outcome of the meeting was an agreement to begin work together and with the administration on a comprehensive cybersecurity bill,” Lachapelle said.
The Lieberman-Collins-Carper bill would create two Senate-confirmable positions, officials who would direct a new Office of Cyberspace Policy in the Executive Office of the President and a new National Center for Cybersecurity and Communication (NCCC) at DHS.
The NCCC would take over federal efforts to protect critical public and private networks, including communications networks, from attacks.
TechAmerica, a technology industry trade group, is concerned the bill would turn DHS “into a significant regulatory agency,” president and CEO Phil Bond said in a statement.
“Regulations like these could seriously undermine the very innovation we need to stay ahead of the bad actors and prosper as a nation,” he argued.
Lieberman said the need for the bill is “obvious and urgent.”
“Our economic security, national security and public safety are now all at risk from new kinds of enemies–cyber-warriors, cyber-spies, cyber-terrorists and cyber-criminals,” he said.
Under the legislation, the new Office of Cyberspace Policy in the White House would “develop a national strategy that incorporates all elements of cyberspace policy, including military, law enforcement, intelligence, and diplomatic,” according to a summary.
The Pentagon just stood up the U.S. Cyber Command, a new sub-unified military command, last month under the leadership of Army Gen. Keith Alexander, who also directs the National Security Agency.
The new bill would establish a public-private partnership to set national cybersecurity priorities and require managers of critical networks to report significant cyber breaches to the government.
It also would update law governing how federal agencies protect their internal networks and systems and develop a supply-chain risk-management strategy to protect products and services the federal government needs.
The Homeland Security panel will hear today from Phillip Reitinger, the deputy under secretary for the National Protection and Programs Directorate at DHS, who also directs DHS’s National Cybersecurity Center.