The Senate looks to go its own way on a cybersecurity bill, Cyber Information Sharing and Protection Act (CISPA), which just passed overwhelmingly in the House. However, a compromise bill may be the way for the federal government to finally do something about cybersecurity.
After the House passed the CISPA bill, by a vote of 288 to 127, the Senate Committee on Commerce, Science and Transportation, chaired by Sen. Jay Rockefeller (D-W. Va.), is the next step. A committee aide told U.S. News & World Report, "We're not taking [CISPA] up. Staff and senators are divvying up the issues and the key provisions everyone agrees would need to be handled if we're going to strengthen cybersecurity. They'll be drafting separate bills."
Sen. Rockefeller has conveyed that CISPA's privacy protections are insufficient. President Obama has signaled he would veto the measure, citing privacy concerns among his objections. In one of the controversial provisions, CISPA authorizes information sharing regarding threats between the private industry and law enforcement. Privacy advocates are looking to push legislation that orders the removal of personally identifiable information shared between private industry and government. A possible path for information sharing could go through the Senate intelligence committee.
The White House has indicated that the administration is willing to compromise on . The compromise will determine whether or not to have mandatory or opt-in standards for protecting networks that operate critical infrastructure. The Executive Order, titled Improving Critical Infrastructure Cybersecurity, signed in February, directed NIST to work with the private sector to craft cybersecurity standards.
This would be a big step in the right direction and a major achievement for the Obama Administration. Updating the cybersecurity standards has be an uphill battle from the beginning and will continue to be for the foreseeable future.