Main Nav

Cybersecurity Legislation Falters in the Senate

Congress has left for a five week summer recess without agreeing up a cybersecurity legislative package that would protect critical infrastructure and promote information sharing.  After three days of debate on the Senate floor and a vote along partisan lines, the Senate rejected a motion that would have ended a filibuster led by Sen. John McCain (R-Ariz) on its version of cybersecurity legislation, S. 3414.


The version of the bill that came before the Senate floor was introduced by Sen. Lieberman (I-Conn) and Sen. Collins (R-Maine) and was the result of significant compromise, including concessions by The White House who wanted to see the Congress pass comprehensive cybersecurity legislation.  The most controversial provisions concerned the potential of government regulation of the private sector who own and operate critical infrastructure.  The compromise version of the bill made it voluntary for businesses to follow government standards.  However, the U.S. Chamber of Commerce was the most vocal opponent in the protection of U.S. businesses who did not want to see another government mandate.  The opposition by the U.S. Chamber of Commerce led Senate Majority Leader Harry Reid (D-Nev) to comment, “We know how important this legislation is, we know it’s more important than getting a pat on the back from Chamber of Commerce.”


While many Congressional leaders are discouraged by the result, it does not prevent the private sector from continuing to work with the government in a voluntarily manner to protect cyberspace.  There have been strong public-private partnerships since 9/11, some of which have resulted from presidential decision directives.  The most recent is Homeland Security Presidential Directive 7 that defines critical infrastructure and sets forth a structure for cooperation that includes the Critical Infrastructure Partnership Advisory Council (CIPAC) and emphasizes the important of information sharing mechanisms.   The Higher Education Information Security Council hosted by EDUCAUSE and Internet2 actively participates in the Cross-Sector Cybersecurity Working Group, led by the CIPAC and U.S. Department of Homeland Security.  The Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) also participates in the National Council of ISAC’s.


It is not expected that the Senate will take up cybersecurity legislation when it returns from its August recess.  There is too little time prior to the election for the Congress to get anything accomplished.  However, we could be just one major cyber event away from the government acting with a plan to protect cyberspace.  An executive order from The White House is also an option, although unlikely prior to the election.

Tags from the EDUCAUSE Library