• The Heritage Network
    • Resize:
    • A
    • A
    • A
  • Donate
  • From Chemical Security to Cyber: Regulation Still Not the Answer

    Chris Maddaloni/CQ Roll Call/Newscom

    The House Committee on Energy and Commerce will hold a hearing on Thursday on the progress made in the Chemical Facility Anti-Terrorism Standards (CFATS) program over the past six months.

    CFATS was once considered a great success in security and government regulations. In late 2011, however, a leaked Department of Homeland Security (DHS) memo brought to light the fact that the CFATS program turned out to be plagued by inefficiencies and inaction.

    The negative reaction was swift and boisterous. By September 2012, however, DHS proclaimed that the program had “turned a corner,” promising Congress would see “hundreds of inspections occurring over the course of the next year.” Everything was purportedly back on track.

    Now flash forward six months and we will get to find out just how true these claims have been. The true question, however, is how much can be done to fix a program that was flawed from the beginning.

    As a Heritage report explained last year:

    While a degree of government oversight over chemical security is needed, current standards are exceedingly burdensome and complicated, and overprescribe federal solutions with which the private sector must comply, threatening innovation and economic expansion.

    If this sounds familiar, it’s because the Obama Administration and some in Congress believe the U.S. also needs a regulatory approach to cybersecurity. If CFATS is any indicator of how well DHS and other regulators deal with security regulations, however, cybersecurity regulations are bound to hurt security more than they help.

    Indeed, the cyber realm is incredibly dynamic, and threats and technology are constantly changing. The threats that CFATS deals with, on the other hand, are not constantly changing, but the government still has a hard time making these regulations work. If the government cannot make CFATS work, how will it ever establish dynamic, well-functioning cybersecurity regulations?

    Instead of adding more regulation every time a new threat emerges, Congress should rely on approaches that are dynamic, market-driven, risk-based, and cost-effective. This goes for both the chemical sector and the cyber realm. By rejecting regulation, the U.S. can come up with creative and appropriate solutions that do not hinder growth or real security.

    Posted in Security [slideshow_deploy]

    Comments are closed.

    Comments are subject to approval and moderation. We remind everyone that The Heritage Foundation promotes a civil society where ideas and debate flourish. Please be respectful of each other and the subjects of any criticism. While we may not always agree on policy, we should all agree that being appropriately informed is everyone's intention visiting this site. Profanity, lewdness, personal attacks, and other forms of incivility will not be tolerated. Please keep your thoughts brief and avoid ALL CAPS. While we respect your first amendment rights, we are obligated to our readers to maintain these standards. Thanks for joining the conversation.

    Big Government Is NOT the Answer

    Your tax dollars are being spent on programs that we really don't need.

    I Agree I Disagree ×

    Get Heritage In Your Inbox — FREE!

    Heritage Foundation e-mails keep you updated on the ongoing policy battles in Washington and around the country.