The proposed Lieberman-Collins bill S 3480 “Protecting Cyberspace as a National Asset Act of 2010” has been criticized in the mainstream media as insufficient for securing US infrastructure from cyber attacks. The critics don’t seem to realize that the legislation is not intended to be an all-encompassing bill.
Securing cyberspace will require more than a single piece of legislation. This cybersecurity bill represents no small step, and in light of the present threat environment it’s a great beginning.
It’s time to end Washington’s business-as-usual strategy of doing nothing unless everything is perfect (through “big bang legislation”). Lets move forward instead of falling victim to gridlock pushed by the many competing interests – intellectual property rights, personal privacy, and others that have held up even the most basic cyber security safeguards.
I laud Lieberman-Collins Bill S 3480 “Protecting Cyberspace as a National Asset Act of 2010” for having the courage to begin the process of securing cyberspace. Over time there will be corrections, clarifications and improvements to this cybersecurity bill, as well as additional bills to provide more safeguards and legal remedies.
CyberSecurity and Public Utilities
Clearly our public utilities are doing a dismal job with IT security and it is in our national interest to motivate them to act responsibly. No doubt congress would also gain political benefit by making the utilities accountable for their lackluster security practices.
I can say from first-hand knowledge just how lax the utilities can be when it comes to IT security. Our privileged identity management software is deployed in some of North America’s largest financial institutions, corporations and federal government agencies – yet when we propose these products to utilities we’re consistently rejected in favor of cheap, off-shore alternatives that don’t necessarily deliver any real security. It seems clear that these utilities are on a suicide mission with respect to internal safeguards, and the public would benefit from the kind of government oversight that would force them to secure the valuable resources that they control.
Rather than solving this problem in Lieberman-Collins, Congress ought to craft targeted legislation to get the utilities acting responsibly – before they send us into semi-permanent darkness. The day will come soon enough when a hostile foreign government or hacker group takes advantage of this enormous vulnerability.
Let’s take action through Lieberman-Collins and then continue to push for improvements through the legislative process. Lieberman-Collins bill S 3480 is a great starting point.