Senate to Consider Cybersecurity Overhaul
Majority leader Harry Reid is poised to bring long-debated cybersecurity legislation to floor in hopes of broad bipartisan support, according to comments from his senior aide at the State of the Net conference.
Wed, January 18, 2012
CIO — WASHINGTON -- After more than two years of protracted negotiations and numerous legislative rewrites, Senate Majority Leader Harry Reid is preparing to schedule a floor debate for a bill that would overhaul the country's cybersecurity framework, a senior aide to the Nevada Democrat said on Tuesday.
The bill that would come up for debate, which at the earliest could drop in the next week, would ideally hit the floor in three or four weeks, Tommy Ross, Reid's senior intelligence and defense advisor, said in a panel discussion here at the annual State of the Net conference.
"Where we are I think this year is in a position where the legislative proposals we're looking at as well as the level of debate and sort of basic knowledge about the substantive issues that we're debating in the Senate are far advanced from where we were last year, and almost unrecognizable from where we started out two years ago," Ross said.
It has been a hard slog to generate broad agreement on a policy area that spans numerous committee jurisdictions and raises a tangle of technical, logistical and civil-liberties questions. Senate staffers have been engaged in ongoing meetings with leaders in the private sector, members of the security community, public-interest groups and others as they have worked to craft a model for securing the nation's critical digital infrastructure that can garner strong bipartisan support.
The bill that comes up for debate, a composite that is likely to include elements of many of the prior bills various lawmakers have introduced and debated in committee, will be intended only as a first draft, according to Ross, who said that Reid expects an extended debate over amendments to the legislation.
"We're not going to get it right with the legislation we bring to the floor with our base bill," he said, adding that some key aspects of cybersecurity policy will by necessity be left out of the final bill. "We call it a comprehensive cybersecurity bill. It's not comprehensive. It's not going to touch on a lot of really important elements of cybersecurity because you can't do it all in one bill."
But the bill will address critical areas that are left murky under current law, such as the specific extent of government authority over critical infrastructure and language to formalize a process for public and private-sector entities to share information about cyber threats.
The Obama administration weighed in on the cybersecurity debate last May, when the White House delivered its own blueprint for reform to Capitol Hill. The administration is seeking many of the same broad reform initiatives likely to be included in the Senate bill, with a particular emphasis on clarifying and expanding executive authority over private-sector operators of critical infrastructure.