UPDATE #2, 6.25.2010: Senate Homeland Security Committee approves cybersecurity legislation
UPDATE, 6.16.2010: Here is the text of the 197 page act being put forward by Sens. Lieberman, Collins, and Carper.
Original post from 6.10.2010:
Has not my prescription changed enough reading the Obamacare and financial takeover bills, we now have the next bill in the Borg absorption; Protecting Cyberspace as a National Asset Act brought to you by Lieberman, Collins, and Carper. Though the senators state, in their press release for the bill, “The bill does not authorize any new surveillance authorities or permit the government to “take over” private networks”, I’ll believe when I do not read it.
It just comes down to a trust issue; there just isn’t any anymore.
By SEN. JOE LIEBERMAN & SEN. SUSAN COLLINS & SEN. TOM CARPER | 6/10/10 4:38 AM EDT
A new era crept into the world the evening of Oct. 29, 1969. On the second try, the word “login” was sent between computers at UCLA and Stanford — and the first connection of what became the Internet was established.
Four decades later, the World Wide Web is a vibrant global community, with an estimated 700 million hosts serving a plugged-in population of 1.8 billion users and growing — creating a revolution in commerce, communications, entertainment, finance and government.
But that cybercommunity can be a dangerous place, and we cannot leave our economy and national security at risk. To strengthen our cyberspace defenses, we are introducing Thursday the Protecting Cyberspace as a National Asset Act.
Our proposed legislation would modernize efforts to safeguard the nation’s cyberspace networks by creating a more robust organizational structure. This framework would enhance public-private partnerships to build preparedness and resiliency, strengthen the security of federal systems and improve awareness of cyberthreats across the country.
We have to deal with an increasing number of “cybercriminals” and “cyberspies.” They look at the Web and see electronic pipelines that lead directly into everything from personal bank accounts to government and industrial secrets.
We have to prepare now for the very real possibility of cyberwar and cyberterror. For example, an adversary could take down our electrical grid or financial infrastructure from across the ocean — using just a series of keystrokes.
The need to defend our cyberspace infrastructure from such attacks is both obvious and urgent.
“We face a long-term challenge in cyberspace from foreign intelligence agencies and militaries, criminals and others,” a bipartisan Center for Strategic and International Studies report concluded, “and losing this struggle will wreak serious damage on the economic health and national security of the United States.”
The CSIS report, “Securing Cyberspace for the 44th Presidency,” found that the Departments of Defense, State, Homeland Security and Commerce, as well as NASA and the National Defense University, have all suffered “major intrusions by unknown foreign entities.” Defense Department computers are probed hundreds of thousands of times a day.
In December 2009, Google and 30 other companies in the Internet, finance, technology, media and chemical sectors — most of them global Fortune 500 companies — were the target of highly sophisticated attacks, allegedly from China, in what appears to have been a massive attempt at industrial espionage and theft of intellectual property.
In a report by McAfee, a computer security company, about 54 percent of the executives of critical infrastructure companies surveyed said that their firms had been victims of denial-of-service attacks, as well as network infiltration by organized-crime groups, terrorists and other nation-states. The cost of downtime to recover from these attacks can reach $6 million to $8 million a day, the executives said.
The bill we are introducing Thursday would create a National Center for Cybersecurity and Communications in the Department of Homeland Security, with a Senate-confirmed director to oversee security of the federal government’s computer networks.
The center would also identify vulnerabilities and help secure key private networks — like utilities and communications systems — that, if attacked or commandeered by a foreign power or cyberterrorists, could result in the crippling of our economy.
Far from stifling innovation, the bill would promote a vibrant information technology industry. It would allow owners and operators of critical infrastructure to choose which security measures to implement to meet the risk-based performance requirements set for their systems.
The proposed legislation would also create a Senate-confirmed White House adviser who would take a broad overview of all federal cybersecurity efforts, develop a national strategy to protect cyberspace, give policy advice to the president and resolve interagency disputes.
This bill would give the president the authority to implement emergency measures in selected areas of our nation’s most critical infrastructure — to preserve networks and assets essential to maintaining our way of life.
These emergency measures would expire in 30 days and would need to be the least disruptive means to secure against the attack. The president would have to notify Congress in advance to explain the nature of the threat, why existing security measures were deficient and what emergency measures were proposed under the law.
The bill does not authorize any new surveillance authorities or permit the government to “take over” private networks.
The Internet age that began quietly late that night 41 years ago is now far more than a high-tech convenience. It is a necessity for millions of consumers, businesses and governments worldwide.
But it is also a dark alley, where criminals can lurk, and a battleground that our enemies will try to seize and use against us.
It must be better secured.
Sen. Joe Lieberman (I-Conn.) is chairman of the Committee on Homeland Security and Governmental Affairs. Sen. Susan Collins (R-Maine) is the ranking member of the committee. Sen. Tom Carper (D-Del.) serves on the committee and is chairman of the Federal Financial Management, Government Information, Federal Services and International Security Subcommittee.