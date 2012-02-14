* Rockefeller says issue transcends political parties
* Bill is comprehensive approach that Reid supported
* No immediate House companion bill
By Diane Bartz
WASHINGTON, Feb 14 Leading U.S. senators
introduced a cybersecurity bill on Tuesday aimed at safeguarding
the nation's water and power systems, which experts have warned
often only have the most rudimentary protections against
hackers.
Senators John Rockefeller and Dianne Feinstein, both
Democrats; Susan Collins, a Republican, and Joseph Lieberman, an
independent, drafted a comprehensive bill that would require the
secretary of homeland security to designate certain
infrastructure as critical and compel steps to safeguard against
hackers.
"The prospect of mass casualty is what has
propelled us to make cybersecurity a top priority for this year,
to make it an issue that transcends political parties or
ideology," Rockefeller told the Senate on Tuesday morning.
He noted hackers' success in breaking into sensitive
government agencies and Fortune 500 companies, and warned that
air traffic control, rail switching networks and chemical
pipelines could be the next target.
Under the bill, some financial networks, or portions of
networks, could be deemed critical if damage to them could
result in catastrophic economic damage to the country.
The Department of Homeland Security would have the
power to penalize companies that do not put in place appropriate
safeguards. However, companies that have good security and are
hacked anyway will not be liable for damages.
The legislation would also ease information-sharing between
the federal government and the private sector to combat cyber
crime and espionage, and would require the government to take
steps to secure its own networks.
Last, it would update recruitment of cybersecurity experts
into the federal workforce.
Senate Majority Leader Harry Reid last year called for the
drafting of a comprehensive cybersecurity bill, and this
207-page bill is the product.
Defense contractors such as Lockheed Martin Corp
have been among the high-profile victims of cyberattacks. Others
include Google Inc, Citigroup and Nasdaq OMX
.
Industry has fought back and succeeded in stopping previous
cybersecurity bills, even though experts have warned for years
that portions of the U.S. critical infrastructure - particularly
water and electrical plants - sometimes have woefully inadequate
defenses against hackers.
Industry opposes additional regulations as burdensome and
argues it should focus on fighting hackers instead of complying
with government rules.
Companies will likely try to weaken the measure in
coming weeks and months, said James Lewis, a cybersecurity
expert for the Center for Strategic and International
Studies.
"The spin is that it's burdensome regulation and will
hurt innovation. The counter to that is 'OK, we'll sacrifice
national security,'" he said. "It would be really nice to have
something (legal) in place but just because we need it doesn't
mean we're going to get it."
The House of Representatives is considering legislation that
overlaps with the Rockefeller bill on some points.
Republican Representative Mac Thornberry, who oversaw the
writing of a report outlining Republican priorities, supports
regulation to require better cyber defenses for critical
companies.
A key difference would be that the companies' usual
regulator, rather than the Department of Homeland Security,
would oversee the new regulation.