How would you like the Department of Homeland Security to be in charge of your IT security?\n\nIf Congress has its way the folks who run the TSA would be given the power to require better computer security of companies with systems "whose disruption could result in the interruption of life-sustaining services, catastrophic economic damage or severe degradation of national security capabilities."\n\n\n\tDon\u2019t worry too much, though. The decision about which companies to regulate would be made \u201cwith input from businesses.\u201d For some reason that doesn\u2019t make me feel any better.\n\n\n\tThis is from the bill being pushed by Senate Majority Leader Harry Reid (D-Casinos) and supported by the White House. It\u2019s just one of 30 or so such bills currently percolating on the Hill.[*] As with much legislation, it starts with a good intention: Shielding vital infrastructure, including the power grid and water supply, from cyber attack. It\u2019s believed that as much as 85 percent of the nation\u2019s critical infrastructure is owned and operated by private companies.\n\n\n\tAnd, as with much legislation, it basically extends government power without actually improving anything. Businesses already know hacking is costing them money \u2013 this is really the only incentive needed for them. Fortunately and unsurprisingly, a lot of industry groups are lobbying against this because of the additional costs it would mean. What businesses really want is a law that would give them legal protections so they can share information with authorities without risking antitrust or privacy violations.\n\n\n\tThere are some helpful things the government could be doing on this issue. First is facilitating the sharing of best security practices by companies in control of vital infrastructure. The other is to make sure all levels of government follow vigorous security protocols and require the same from outside contractors.\n\n\n\tThere are many cases where government regulation of business is needed. Those mostly have to do with guaranteeing individual rights and maintaining the free and fair operations of markets. Cybersecurity is one that the profit motive is going to handle just fine.\n\n [*]The clever acronyms are already out in force: H.R. 3674 is the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act.