The disclosures of classified surveillance programs by former National Security Agency contractor Edward Snowden have further slowed the already ponderous process of passing cybersecurity legislation, and also put U.S. commercial networks at increased risk of attack, the bill's top sponsors said Sept. 12.
Rep. Mike Rogers (R-Mich.), chairman of the House Intelligence Committee, said that "misperceptions" created by media reports based on documents leaked by Snowden have slowed efforts to advance the Cyber Intelligence Sharing and Protection Act (CISPA), which the House passed in April.
"We've had great conversations with the Senate. They haven't given up on it. We think that [they] will make a few changes and maybe, hopefully, get a bill sent to the president," Rogers said at the Intelligence and National Security Alliance (INSA) conference in Washington, D.C.
Rep. Dutch Ruppersberger (D-Md.), ranking member on the committee, sounded slightly more pessimistic, saying the bill was currently stalled in the Senate. "We're trying to work on that," he said, appearing on the same stage as Rogers.
CISPA would create a framework for information sharing on cyberthreats between industry and government. The bill is a reworking of a 2011 version that drew considerable criticism from privacy advocates. The latest iteration includes provisions designed to place limits on what the government could do with personal information received as part of threat reports from private industry.
However, news reports of National Security Agency programs designed to collect and retain bulk phone metadata records from telecommunications carriers and details of Internet activity from private firms have significantly reduced the appetite for new cybersecurity legislation. Instead, some legislators on both sides of the aisle are looking for ways to curb the authority of the NSA to collect information.
Rep. Justin Amash (R-Mich.) sponsored an amendment to the Defense authorization bill that would have banned the NSA from storing bulk phone metadata records. The proposal was narrowly defeated. Rep. Rush Holt (D-N.J.) introduced legislation that would roll back some spying authorities granted to the government under the Patriot Act and the Foreign Intelligence Surveillance Act.
Despite the relationships with commercial firms detailed in news reports, the intelligence community still faces a gap when it comes to observing cybersecurity threats faced by private networks, according to senior officials who spoke at the INSA conference.
"We need to have partnerships with industry. We need to understand what is going on within not just our own networks but the nation's networks," Rear Adm. Sean Filipowski, director of intelligence at U.S. Cyber Command, told a panel at the INSA conference.
(By Adam Mazmanian)
|