Senators Renew Push to Strengthen Cybersecurity

Re-introduced bill enhances privacy protections, federal contractor provisions

June 27, 2012

Washington, DC – U.S. Senators John McCain (R-AZ), Kay Bailey Hutchison (R-TX), Chuck Grassley (R-IA), Saxby Chambliss (R-GA), Lisa Murkowski (R-AK), Dan Coats (R-IN), Ron Johnson (R-WI), and Richard Burr (R-NC) today re-introduced the Strengthening and Enhancing Cybersecurity by Using Research, Education, Information, and Technology Act (SECURE IT), S. 3342, their proposal to protect and secure our nation against cybersecurity attacks.  The re-introduced bill improves several areas of the bill as well as enhances privacy protections and civil liberties oversight.

“It is past time for Congress to address the global cyber threat facing our nation. The key to successfully fighting this threat is not adding more bureaucrats or forcing industries to comply with government red-tape,” said Sen. McCain. “Instead, we must leverage the ingenuity and innovation of the private sector in partnership with the most effective elements of the federal government to address this emerging threat.”

“We have worked closely with members and stakeholders over the past months, and we believe we have come up with a consensus bill that will significantly advance the security of our government and private sector networks,” Sen. Hutchison said.  “Our bill focuses on giving companies and the government the tools and knowledge they need to protect themselves from cyber threats, and creates new important requirements for government contractors to notify their agencies of significant cyber-attacks to their systems.” 

“Now that the House has passed legislation that can improve our nation's cybersecurity without regulating the private sector or growing the size of government, the Senate should follow these principles and work to rebuild sorely needed trust between the government and the American people,” said Sen. Chambliss. “The SECURE IT Act is a strong step in this direction, and I am proud to be a cosponsor.”

“This proposal reflects a shared interest in cybersecurity protections that retool existing programs to better meet threats rather than create new government programs and regulations.  It would strengthen cybersecurity defenses without stifling innovation and growth,” Sen. Grassley said.  “My goals have been to refine the criminal law provisions, update legal barriers to information sharing, and safeguard civil liberty and privacy protections.”

“Rather than an all-or-nothing approach, we continue to focus on areas within cybersecurity where we believe there is common agreement,” Sen. Murkowski said. “After many discussions with stakeholders, we have modified the bill to clarify and strengthen it, without adding new layers of bureaucracy and regulation that would stifle the private sector’s ability to combat and respond to cyber-attacks. In the electric industry, where there are cyber requirements already in place, adding additional DHS regulations, on top of what FERC and NERC already require, would not create a stable business environment nor would it improve cybersecurity.”

“A serious cyber attack on our nation is a real and growing threat that requires us to be more vigilant and better prepared,” said Sen. Coats, a member of the Senate Intelligence Committee. “The surest and quickest way to improve cyber security in this country is to leverage the capabilities and flexibility of the private sector instead of creating costly layers of government bureaucracy.”

“The SECURE IT Act recognizes industry’s central role in protecting cyber networks and provides it the liability protection it needs to share real-time cyber threat information that is necessary to combat cyber attacks.  It enables the private sector to invest in innovation and new jobs rather than compliance, focus on deterrence rather than new regulations, and share best practices with industry peers,” Sen. Johnson said.  “I have no faith that federal regulators should take the lead on cyber security. The regulatory process simply cannot keep up with the rapid pace of technology. Rather than try to impose a comprehensive approach, we need to take this one step at a time – building confidence between government and the private sector, and ensuring protections for civil liberties. This is a good first step.”

“Cyber security is essential to our national security, and this bill takes important steps to ensure that we have the defenses in place to address threats to our nation while not imposing duplicative and burdensome regulations on the private sector,” said Sen. Burr.

Improvements to SECURE IT include further tightening the definition of cyber threat information to provide stronger protections for consumers.  It will also clarify the responsibilities of the cybersecurity centers to facilitate information sharing with each other and with other federal entities and the private sector.  The latest version also makes clear that the bill does not provide any authority for the Federal Government to use or retain cyber threat information, other than those authorities specified in the bill, and includes additional oversight for protection of privacy and civil liberties.  It does not provide any new regulatory authority.  It will also ensure that agencies will adopt and update technologies to prevent and remediate significant cyber-incidents.

The SECURE IT Act will:

  • Improve cybersecurity by collaborating with industry and
    eliminating barriers to enhanced information sharing.
  • Create expedited information sharing for the private sector
    using existing structures and reporting relationships. 
  • Require federal contractors who provide cybersecurity-related
    services to a federal agency to report to those agencies significant cyber
    incidents related to those services.
  • Strengthen criminal statutes for cyber crimes.
  • Update the Federal Information Security Management Act
    (FISMA) to modernize the way the government manages and mitigates its own cyber
  • Leverage and strengthen existing programs in cybersecurity
    research and development.

Co-sponsors of the proposal are U.S. Sens. John McCain, Ranking Member of the Senate Armed Services Committee, Kay Bailey Hutchison, Ranking Member of the Senate Commerce, Science, and Transportation Committee, Chuck Grassley, Ranking Member of the Senate Judiciary Committee, Saxby Chambliss, Vice Chairman of the Senate Select Committee on Intelligence, Lisa Murkowski, Ranking Member of the Senate Energy and Natural Resources Committee, Dan Coats, Ranking Member of the Senate Appropriations Subcommittee on Homeland Security, and Ron Johnson, Ranking Member of the Senate Homeland Security Subcommittee on Oversight of Government Management, the Federal Workforce, and the District of Columbia, and Richard Burr, Ranking Member of the Senate Veterans Affairs Committee.