Telecom Leaders Come Out Swinging Against Cybersecurity Laws
Appearing before a House subcommittee, executives from Internet service providers such Comcast and AT&T warn against check-box compliance approach to cybersecurity.
Wed, March 07, 2012
CIO — WASHINGTON -- House republicans and senior executives in the telecom industry came out swinging on Wednesday against a forceful government role in overseeing cybersecurity in the private sector.
A panel of witnesses at a House subcommittee hearing spoke virtually as a chorus in voicing their opposition to any new regulatory obligations that would threaten to lock businesses into a static compliance regime and undermine their ability to detect and combat new and emerging threats
Focus on Innovation Not Compliance
"Flexibility is key and it's important because the threats change as rapidly as they do," Jason Livingood, vice president of Internet systems engineering with Comcast, told members of the Energy and Commerce Committee's Subcommittee on Communication and Technology.
As lawmakers wrestle with competing visions for reshaping the government's role in cybersecurity, Livingood urged them to "focus on security and innovation rather than compliance and regulation."
Today's hearing comes as members of the Senate are heading for a debate over two bills that take sharply contrasting approaches to securing the critical digital systems owned and operated by members of the private sector.
The Cybersecurity Act, a comprehensive bill that enjoys a measure of bipartisan support, could come up for consideration on the Senate floor in the next few weeks in a debate that figures to draw sharp criticism from Republican opponents who see a burdensome government mandate in the security standards the bill would establish.
If current plans hold, the Senate debate will include consideration of an alternative and far more limited measure backed by John McCain (R-Ariz.) and several other ranking Republicans. That bill, the so-called SECURE IT Act, confines its focus to removing barriers that inhibit private firms from sharing information about potential threats with other businesses or government entities, as well as some other, uncontroversial provisions such as support for cybersecurity research and development.
That more limited approach has guided much of the debate in the House. At Wednesday's hearing, Rep. Marsha Blackburn (R-Tenn.) said that she has been working with Rep. Mary Bono Mack, a California Republican, to develop a cybersecurity bill patterned after the SECURE IT Act in the Senate, a measure that would eschew any form of government mandate. Warning against the negative results that sweeping legislation could entail, Blackburn said her bill's first aim would be to "do no harm."
The GOP members on the House panel gave full credence to the concern that a regulatory mandate, such as the one provided for in the comprehensive Senate bill, would invite harmful repercussions that could actually undermine the nation's security posture.