WASHINGTON, D.C.—Support for The Cybersecurity Act of 2012, S. 2105 is growing now that the bill has been introduced in the Senate.
Four major players in the field of information technology—Cisco and Oracle, the Information Technology Industry Council (ITI) and TechAmerica—announced their commendation in letters to the bill’s sponsors: Senators John D. (Jay) Rockefeller IV, D-W.Va., Joe Lieberman, ID-Conn., Susan Collins, R-Maine, and Dianne Feinstein, D-Ca.
Leaders in national and homeland security—Joint Chiefs of Staff Chairman Martin Dempsey, Defense Secretary Leon Panetta, and former Homeland Security Secretary Michael Chertoff—also endorsed the bill.
A sampling of the praise:
Cisco and Oracle, in a letter to sponsors: “Your legislation proposes a number of tools that will enhance the nation’s cybersecurity, without interfering with the innovation and development processes of the American IT industry.”
ITI, in a statement: “The cybersecurity bill introduced today includes key elements that will contribute to cybersecurity and help preserve our industry’s ability to drive innovation and security into our products and technologies.”
TechAmerica CEO Dan Varroney, in a public statement: “This bill is a careful and bipartisan approach to a serious national security challenge and provides a comprehensive framework for protecting our most critical infrastructure, without forcing unnecessarily broad mandates on industry.”
General Dempsey, before the Senate Armed Services Committee: “We strongly support the Lieberman-Collins-Rockefeller legislation…to get us in the proper place in dealing with the cyberthreat, which is significant and growing, as well as the Senator Feinstein amendment to that legislation.”
Secretary Panetta, before SASC: “I think the general is correct that the bill that I know is being put together by Senator Lieberman and others reflects all of the issues that we think are important to address. So we'll continue to work, however, with the Senate and with the Congress to make sure that if a bill does emerge, it addresses our concerns about trying to make this country better prepared to deal with the cyber issues that I think are growing every day.”
Secretary Chertoff, in a statement for the Congressional Record: “There are three areas that I believe should be emphasized as a part of any comprehensive cybersecurity legislation: (1) risk-based security standards for our critical infrastructure, (2) information sharing, and (3) liability protections. These areas are reflected in the Lieberman/Collins/Rockefeller/Feinstein ‘Cyber Security Act of 2012’ introduced in the Senate, as well as in a number of House bills and the Administration’s own proposal.”
Stephen R. Huffman, Chairman, Government Relations Committee, Automation Federation: “We support your efforts in proposed legislation to address the challenges our nation faces to deter cyber attacks against our information structure…Within the national emphasis on industrial infrastructure security, the cyber or electronic security of IACS is critical because of the potentially disastrous impact a compromise would have on human safety, and welfare, economic viability and stability, the environment, and the integrity of the overall national infrastructure.”
Society of Former Special Agents of the FBI President Bradley Benson, in a letter to Sen. Lieberman: “On behalf of nearly 8000 former Special Agents of the FBI, I want you to know how grateful we are for your service. But today our appeal is for bipartisan leadership in addressing this (cyber) threat. To delay action until after the election or for any other reason is to state that the risk is acceptable. My colleagues join me in emphatically stating the risk is not acceptable.”
The Information Technology Industry Council is an industry trade group. Cisco and Oracle are, respectively, a technology services firm and a software and hardware manufacturer. TechAmerica bills itself as the largest IT advocacy organization.
The co-sponsors of the Cybersecurity Act also rebutted the notion that the bill was being rushed. Nothing could be further from the truth.
The Cybersecurity Act of 2012 has been three years in the making and its outlines and multiple drafts were shared with stakeholders and the public, both of which helped shape the final version of the bill. More than 20 hearings on cybersecurity have been held across at least seven different Senate committees, with dozens more held on questions relating to cybersecurity.
Markups of cyber legislation have been held in five separate committees, each under the rules for regular order. In the last Congress, both the Homeland Security and Commerce Committees passed comprehensive cybersecurity legislation that contains many of the ideas in the legislation.
And in August 2011, Majority Leader Reid, after consulting with Minority Leader McConnell, brought all the committees of jurisdiction together to form working groups that contributed to the bill introduced yesterday. These groups reached out to industry, academics, civil liberties and privacy experts, and security experts. Hundreds of changes have been made to the bill as a result of their input.