Thursday, February 17, 2011

Cyber Security Legislation Proposal Coming Soon

From Finally Fast

Congress is expected to propose cyber security legislation soon, signaling a first step toward protecting the country's networks after a series of data breaches revealed vulnerabilities.

The proposed Cybersecurity Enhancement Act is reportedly a bipartisan effort to fund research, awareness and education on data protection and overall cyber security for both the private and public sectors. Senator Robert Menendez, a Democrat from New Jersey, said such recent issues as the data breach at Nasdaq OMX Group and the Night Dragon hack against major oil and gas companies show that legislative action for cyber security is needed now more than ever.
"Cyber threats are not on the horizon, they are upon us," Menendez said. "Businesses and investors must trust that their investments are secure. We cannot allow security breaches to undermine our trust in the U.S. economy. We must step forward and curb these attacks without delay."

Specifically, the Cybersecurity Enhancement Network will require the National Science Foundation research and development programs to support collegiate-level education programs on cyber security, prompt the National Institute of Standards and Technology to create best standards for cyber security and ensure these standards are transferred to the private sector.

In a statement, Menendez cited the Nasdaq data breach and the recently discovered initiative known as Night Dragon, in which an organization of hackers had been stealing confidential documents from major oil and gas companies since November 2009.

However, cyber security is not a new issue in the federal government. Since WikiLeaks released hundreds of thousands of U.S. diplomatic cables, revealing government secrets and cover-ups, members of Congress and even President Barack Obama himself have called for cyber security improvements.

In fact, the Center for Strategic and International Studies recently published a report that declared the government has much work to protect the networks it relies on. The report said the high-profile data breaches of 2010 indicate that the government has made little, if any, progress on cyber security since the Obama administration began its term in 2008.
As legislation and government attention continues to turn to cyber security, others have called for a more careful approach. Speaking on behalf of the Center for Democracy and Technology, Gregory Nojeim testified before the House Armed Services Subcommittee on Emerging Threats and Capabilities, pushing the government to learn from Egypt's mistakes when considering government control over public and private networks. Nojeim said "unforeseen effects" may arise if the U.S. government assumes control over internet access.

However, Representative Mac Thornberry, a Republican from Texas, maintained that the government and military may need to control access to the internet in preparation for a major attack on internet infrastructure, much the same as the military would need to prepare "if a formation of planes or hostile-acting ships came barreling toward a factory or refinery in the U.S."