Senator Kirsten Gillibrand (D-NY) outlined a number of cyber security bills she is planning to propose in Congress at the 2013 Visa Global Security Summit in Washington, D.C. today. But with this week’s government shutdown, the upcoming debt ceiling deadline and a Congress too clogged up with partisan politics to agree on anything, it’s doubtful any of the proposals will be considered any time soon, experts said.
Senator Gillibrand, a member of the Senate Armed Services Committee, shared three bills that she said could help bolster the country’s defenses against hackers and cyber criminals.
The first bill proposed by the senator would create a cyber security contingent in each state’s National Guard forces that would partner with private sector organizations to deal with cyber attacks.
The second would provide tax breaks for companies that invest in their own cyber security worth 30% of those investments.
And the third would require the federal government to issue annual report cards on the progress made in each country around the world in fighting cyber crime, with the aim of holding individual countries responsible for taking action against cyber crime activities within its borders.
The country’s cyber defenses are badly in need of such improvements, Gillibrand insists. One general rated the country’s readiness for a major cyberattack against key U.S. infrastructure targets as a three out of ten, while attacks against infrastructure targets increased 17-fold last year, she reported.
“If we’re going to keep America safe we have to invest in cyber security, in the best solutions and best practices,” Senator Gillibrand stated.
But it is highly unlikely that Congress will take up the cyber security issue when it can’t even agree to keep the federal government up and running. Later at the summit a panel of reporters from Politico all unanimously agreed that any cyber security legislation would be shelved this year by Congress as it wrestles over the government shutdown and the coming deadline to raise the debt ceiling.
Congress has completely stalled on cyber security legislation introduced earlier this year that is minimal compared to Senator Gillibrand’s suggested bills. “The legislation that is being stymied [in Congress] is about information sharing between parties and is limited in scope. That tells me that anything above that is not going to happen,” Byron Acohido, USA Today’s cyber security reporters said during a panel at Visa’s summit.
This doesn’t mean that the cyber security front is dead though. Acohido advised keeping an eye on states like California and Massachusetts that are considering data loss disclosure laws that would require greater sharing of cyber security information between private sector organizations and law enforcement.
And government agencies are already working on improving data sharing between themselves and the private sector within the limits of current laws, Donald Good, the FBI’s section chief for cyber ops and outreach, said during the same panel. “We’re seeing the private sector is more willing to share information with us… and we’re sharing with them things we’re seeing across the board,” Good explained. “It’s a much better data sharing environment right now then it was a few years ago.”
But Good also noted that current laws are working against law enforcement sometimes in the cyber crime area. Often there aren’t stiff enough penalties for cyber crimes to dissuade hackers and criminals to begin with, he said. Without the attention of the federal government and new legislation, efforts towards a stronger and better coordinated national cyber defense will continue to be frustrated, and that doesn’t bode well for banks.
[ Preventing DDoS Attacks: What is Your First Line of Defense? Find our more at Interop from September 30 through October 4.]