Has the Cybersecurity Logjam Broke?

By Wadmin953789
May 13, 2011

Congress has been making noise about passing comprehensive cybersecurity legislation for most of the last two years, prompted in part by the Obama Administration’s cyberspace policy review in 2009. Nearly two years later, the Administration has released a legislative proposal in cybersecurity that may help push legislation further along. Depending on how you count, there are nearly 50 different measures pending in Congress dealing with some aspect of cybersecurity, so a push should help.

The full Administration proposal is available online, as well as section-by-section analysis and a fact sheet. You can also look at specific parts of the proposal (see the May 12, 2011 entries), which are listed below:

  • Changes in criminal penalties for several computer-related or computer-enabled offenses
  • Data Breach Notification requirements
  • Codifies Department of Homeland Security responsibilities for civilian cybersecurity
  • Sets cybersecurity requirements for critical infrastructure systems
  • Updates the Federal Information Security Management Act
  • Some of these topics have been covered in current cybersecurity legislation or bills that were introduced in previous sessions of Congress. So in many cases, there isn’t a disagreement on whether or not a certain law is necessary, but there may be disagreement on exactly how that law should be written. And while the Administration has introduced this legislation in one large package, there is no way of knowing exactly how the package will be handled in Congress. The Senate has a placeholder bill ready to handle a single cybersecurity bill, but it’s just as possible that Congress will seek to move quickly on those bills that already have broad support ahead of new proposals or other proposals that still require negotiation.