How much cyber security is enough? Companies wary as Senate weighs bill.
The Senate on Monday takes up a cyber security bill affecting companies that own power systems, water facilities, and other critical infrastructure. Though new security standards would not be mandatory, the private sector remains cautious.
Cybersecurity legislation, stalled for months, is now moving forward in Congress, with the Senate poised to begin debate on whether the bill's voluntary standards for private industry will protect America from devastating cyberattacks or are still just too onerous.
The Cybersecurity Act, as originally proposed by Sens. Joseph Lieberman (I) of Connecticut and Susan Collins (R) of Maine, was full of requirements that the private companies who own nearly all the nation's power systems, water treatment facilities, communications networks, and other critical infrastructure comply with new federal standards.
But Senator Lieberman and company last week axed the mandatory federal oversight, acknowledging they didn't have the votes to push it through. The revised bill now rests on voluntary standards and incentives to spur companies to partner with the government in meeting them.
On that basis, the bill won a critical Senate procedural motion to proceed, 84 to 11, on July 26. Senate majority leader Harry Reid (D) of Nevada also promised at that time to include an open process for amendments.
“There’s plenty of room for changes,” Senator Reid said on the Senate floor that day. “Let’s have as many amendments as people feel appropriate.”
Page 1 of 4