China may have been the catalyst for renewed cybersecurity discussions in Washington.
According to Reuters, negotiations to create a cybersecurity bill are under way between the White House and Congress, and House Intelligence Committee Chairman Mike Rogers admitted that the recent hacks on major media outlets played a role in the discussions. It appears the attacks on the newspapers were the wake-up call Congress (and maybe everyone) needed to realize just how serious cyberattacks are. As Reuters pointed out:
Though thousands of important companies have been losing data to hackers in China and elsewhere for a decade, the number of companies publicly admitting such breaches has been growing. Apple, Microsoft, Twitter, and Facebook confirmed attacks in a recent campaign.
Rogers was quoted as saying that these attacks have raised awareness.
Call me cynical, but I can’t help but wonder if some of these Congressmen had their own accounts hacked and that’s why they seem to have some sense of urgency now about getting this done – the Reuters article says Congress and the White House are close to agreements about the roles of government agencies in the protection against attacks. That in itself is news – it isn’t often that the White House and Congress are close to agreements on anything.
It seems like the Executive Order also played a key role in getting the differing sides talking. There is now the framework of a cybersecurity game plan in place, and this new bill can be built around that.
Of course, it wouldn’t be Washington legislation if there wasn’t a lot of dissent in the air. According to Foreign Policy, privacy advocates, who were outspoken against last year’s version of the Cybersecurity Intelligence Sharing and Protection Act, again have concerns:
CISPA, a bipartisan bill sponsored by Reps Mike Rogers (R-Mich.) and Dutch Ruppersburger (D-Md.), would allow the government and private sector to share information on cybersecurity threats with one another. Particularly upsetting to privacy advocates is the fact that the bill allows private businesses to share information with the Defense Department or intelligence agencies while providing immunities from lawsuits should the businesses improperly share information about private citizens.
No bill is going to be perfect. The important takeaway here is that members of Congress on both sides of the aisle recognize that cyberattacks are only going to get more serious, especially when the attackers might be state-related.