- The Foundry: Conservative Policy News from The Heritage Foundation - http://blog.heritage.org -

White House and Some in Congress Want to End the Cyber Debate

Posted By Steven Bucci On October 11, 2012 @ 1:04 pm In Security | Comments Disabled


The White House and certain Members of Congress are frustrated with their inability [2] to get their way with regard to cybersecurity.

Recently, Congress tried unsuccessfully to pass a comprehensive cybersecurity bill. Proponents of the bill are furious. In response, the President threatened to simply dictate rules through an executive order [3]. The issue has been portrayed as a partisan one [4] by some commentators, but this could not be further from the truth.

There is a real divide over how to address the challenges of cyber threats, but the opposing sides are not lined up by party affiliation; they are divided by differences over the right way to fix the problem. The threats to American critical infrastructure, and to all our “digital lives,” are real.

The Russians are the most sophisticated, the Chinese use overwhelming mass, and the Iranians [5], while not as technologically capable as the others, make up for it with evil intentions and sheer hard work. Add in criminals, terrorists, and individual “hacktivists” with political agendas, and the cyber threat is real and daunting. Issues like privacy make this more complicated. This is a real problem that should be addressed sensibly and with thorough consideration.

The way some legislators and the President want to solve it will simply not work [6]. They want to dictate government regulations the way their predecessors wrote rules for safety in the auto industry. They are convinced that simply adding government regulations (and regulatory entities) will help.

Regulations are too slow to develop, vet, and promulgate and too static to be effective in the digital world. They simply encourage bad guys to study the compliance-based “rules” and go around these checklists with new attack techniques.

Action is needed, but to just do something that has no positive effect—or even a harmful one—is a waste of time, money, and effort.

Any cybersecurity law should promote info sharing, provide for cyber insurance, improve the cyber supply chain security, establish a cyber right to self-defense and push public cyber hygiene, and foster a better cyber workforce.

The Administration’s efforts to address cybersecurity are an Industrial-Age solution to a cyber-age problem. It should allow the national debate to happen, drop the mandatory regulatory model, and adopt a flexible, 21st-century approach to cyber legislation.

Article printed from The Foundry: Conservative Policy News from The Heritage Foundation: http://blog.heritage.org

URL to article: http://blog.heritage.org/2012/10/11/the-white-house-and-some-in-congress-want-to-end-the-cyber-debate/

URLs in this post:

[1] Image: http://blog.heritage.org/wp-content/uploads/lock-cyber-security2.jpg

[2] are frustrated with their inability: http://blog.heritage.org/2012/09/24/a-cybersecurity-offer-companies-cant-refuse/

[3] executive order: http://blog.heritage.org/2012/09/10/executive-orders-in-cybersecurity-result-in-incomplete-and-empty-solutions/

[4] partisan one: http://wvgazette.com/News/201208020093

[5] the Iranians: http://blog.heritage.org/2012/09/24/iranians-may-be-doling-out-payback-for-u-s-sanctions/

[6] will simply not work: http://www.heritage.org/research/reports/2012/07/cybersecurity-act-of-2012-revised-cyber-bill-still-has-problems

Copyright © 2011 The Heritage Foundation. All rights reserved.