Modernizing Authentication — What It Takes to Transform Secure Access
WASHINGTON -- Building on the work of several committees in the last session of Congress, Senate Majority Leader Harry Reid (D-Nev.) is hoping to bring comprehensive cybersecurity legislation to a floor vote this year, and the earlier the better, a top aide said on Tuesday.
In a panel discussion with several congressional staffers working on cybersecurity issues at the annual conference hosted by the nonpartisan Advisory Committee to the Congressional Internet Caucus, Reid aide Tommy Ross said that his boss is eager to reconcile committees' competing bills and bring a final product to the floor in short order.
"With regard to a lot of things, but especially something as important to our national security as this -- Senator Reid can be a pretty impatient man, and I think would liked to have had this done before we finished last year," Ross said.
Several bills, including some efforts at sweeping reform, were introduced in various committees last year, though none made it to the floor for general debate and vote. In part, the inter-committee turf wars in a policy arena that spans an array of jurisdictions held up the process. Additionally, various industry stakeholders and advocacy groups expressed reservations about the substance of some of the provisions, which led to extensive periods of revision.
But in the coming year, Reid is hoping to meld the frameworks crafted in the last session, and move a bill to the floor once the administration and industry groups weigh in with their input on what the final legislation should look like.
"That's a lot of work, and getting it done early this year may seem ambitious," Ross said. "That's certainly my tasking from Senator Reid, and I think what his tasking will be for these committees."
The silence from the White House has been a particular stumbling block. Early in his administration, President Obama commissioned a top-to-bottom review of the federal cybersecurity apparatus, and has since filled out the ranks of his senior staff that work on the issue, including the appointment of Howard Schmidt, a government veteran and former executive with Microsoft and eBay, to serve as White House cybersecurity coordinator.
But the administration has yet to produce a formal policy recommendation for what a cybersecurity overhaul bill should look like, which has bogged down the process.
"I'll be honest -- we would have liked to see them engage sooner," Ross said. "But we also understand ... if we have a problem dealing with six or seven committees struggling over jurisdictional lines, you know they have, you know, dozens of agencies with different equities that they're trying to bring to the table."
Aside from issues concerning the process of advancing legislation, several matters of substance remain unsettled, chief among them the appropriate framework for the collaboration between the federal government and private sector.
Additionally, Ross said that Reid is eager to see language that would call for the largest Internet service providers to share threat information with each other, in addition to the government, a provision that was not included in the bills introduced last session.
Keep up with security news; Follow eSecurityPlanet on Twitter: @eSecurityP.