Yesterday the Senate blocked a Bill that had intended to protect the U.S’s critical infrastructure (electricity and water supplies, communications, financial and essential industries). Despite continued warnings from industry experts, military chiefs and leading Senators, the Bill lost a vote 52-46.
Over the past few weeks the Bill had been diluted to appease a section of Republicans and former Presidential candidate John McCain, who felt the Bill imposed too much on businesses by requiring them to meet standards for their computer systems. This didn’t go down well, and the Republicans slowly pulled the teeth one by one from the Bill until mandatory compliance had become voluntary – how many businesses do you know would comply with a voluntary standard?
The Republicans further cited that the cost of implementing the Bill would largely fall at the feet of the private sector, with little reduction in actual risk. Senator Susan Collins, a staunch backer of the Bill, called it ‘a shameful day’.
And the Cyber Security Bill had some seriously heavyweight backers…
Former FBI cyber official Shawn Henry told the Black Hat hackers convention in LA last week “I believe something like 9/11 will have to happen in the cyber world before people truly get it”. Whilst Army General Keith Alexander, head of the National Security Agency and US Cyber Command said that it was only a matter of time before the US suffered a huge cyber attack and that “On a scale of 1 to 10, US cyber defences are at a 3”.
The Cyber Security Bill 2012 was one of President Obama’s top national security policies. The ever growing paranoia of serious cyber attacks from China, the Middle East and rogue entities is something often in the American news. And whilst the military and senior US agencies are no doubt ahead of the curve, the real threat is to US businesses, utility companies and organizations that lack the knowledge and understanding to adequately protect themselves.
If America is to protect itself and its national infrastructure, it needs an integrated approach to cyber defense. With Congress set to break for its August recess though, and this Bill effectively kicked into the long grass, the future of any Cyber Security Bill currently looks bleak.
So what, as a US business can you do? Well, you can start by reading all about cyber security and how to protect your business on our cyber security information page.