Rockefeller Ready with Cyber-security Bill

Prompted by Google’s report that the search giant and some 20 other companies were victims of sophisticated cyber-attacks from within China, Sen. Jay Rockefeller, D-W.Va., promised Jan. 13 to mark up his cyber-security legislation early this year.

Introduced by Rockefeller and Olympia Snowe, R-Maine, in April and redrafted late this summer, the bill would create a National Cybersecurity Adviser under the authority of the president to coordinate cyber-security efforts.

“Cyber attacks are increasing exponentially and we need to get serious about America’s cybersecurity-our nation’s public and private infrastructure is too critical to remain vulnerable and unprotected,” Rockefeller said in a Jan. 13 statement. “It’s an understatement to say that cybersecurity is one of the most important issues we face; the increasingly connected nature of our lives only amplifies our vulnerability to cyber attacks and we must act now.”

Rockefeller and Snowe drafted the legislation in response to years of post-9/11 complaints that neither the private sector nor government officials were doing enough to adequately protect the nation’s critical cyber-infrastructure. According to a number of reports, the senators drafted the bill after consulting with the White House.
While no one particularly objected to a cyber-czar, there were howls of protest about the details in the bill. As originally drafted, the Cybersecurity Act gave the president an Internet “kill switch” for reasons of national security or in an emergency and the authority to designate private networks as critical infrastructure subject to cyber-security mandates, including standardized security software and testing, and licensing and certification of cyber-security professionals.
Rockefeller and Snowe retreated and redrafted. The new language dropped all references to the president’s ability to shut down the Internet. Instead, Rockefeller and Snowe granted the president the authority to declare a cyber-security emergency and to direct the “national response to the cyber threat.”

The revised bill would establish the Office of the National Cybersecurity Advisor within the Executive Office of the President. The National Cybersecurity Advisor will lead this office and report directly to the president. The advisor will serve as the lead official on all cyber matters, coordinating with the intelligence community, as well as the civilian agencies.

In August, President Obama named Howard Schmidt as the administration’s cyber-security coordinator, a position similar to Rockefeller’s proposal.