- The Foundry: Conservative Policy News from The Heritage Foundation - http://blog.heritage.org -
From Chemical Security to Cyber: Regulation Still Not the Answer
Posted By Jessica Zuckerman On March 14, 2013 @ 10:18 am In Security | Comments Disabled
The House Committee on Energy and Commerce will hold a hearing on Thursday on the progress made  in the Chemical Facility Anti-Terrorism Standards (CFATS) program over the past six months.
CFATS was once considered a great success in security and government regulations. In late 2011, however, a leaked Department of Homeland Security (DHS) memo brought to light the fact that the CFATS program turned out to be plagued by inefficiencies and inaction .
The negative reaction was swift and boisterous. By September 2012, however, DHS proclaimed that the program had “turned a corner,”  promising Congress would see “hundreds of inspections occurring over the course of the next year.” Everything was purportedly back on track.
Now flash forward six months and we will get to find out just how true these claims have been. The true question, however, is how much can be done to fix a program that was flawed from the beginning.
As a Heritage report  explained last year:
While a degree of government oversight over chemical security is needed, current standards are exceedingly burdensome and complicated, and overprescribe federal solutions with which the private sector must comply, threatening innovation and economic expansion.
If this sounds familiar, it’s because the Obama Administration  and some in Congress  believe the U.S. also needs a regulatory approach to cybersecurity. If CFATS is any indicator of how well DHS and other regulators deal with security regulations, however, cybersecurity regulations are bound to hurt security  more than they help.
Indeed, the cyber realm is incredibly dynamic, and threats and technology are constantly changing. The threats that CFATS deals with, on the other hand, are not constantly changing, but the government still has a hard time making these regulations work. If the government cannot make CFATS work, how will it ever establish dynamic, well-functioning cybersecurity regulations?
Instead of adding more regulation every time a new threat emerges, Congress should rely on approaches that are dynamic , market-driven, risk-based , and cost-effective. This goes for both the chemical sector and the cyber realm. By rejecting regulation, the U.S. can come up with creative and appropriate solutions that do not hinder growth or real security.
Article printed from The Foundry: Conservative Policy News from The Heritage Foundation: http://blog.heritage.org
URL to article: http://blog.heritage.org/2013/03/14/from-chemical-security-to-cyber-regulation-still-not-the-answer/
URLs in this post:
 Image: http://blog.heritage.org/wp-content/uploads/Upton_130314.jpg
 hearing on Thursday on the progress made: http://energycommerce.house.gov/hearing/chemical-facility-anti-terrorism-standards-cfats-program-progress-update
 plagued by inefficiencies and inaction: http://www.foxnews.com/politics/2011/12/21/exclusive-beset-by-strife-at-dhs-office-future-anti-terrorism-program-now-in/
 the program had “turned a corner,”: http://www.fiercehomelandsecurity.com/story/dhs-resumes-cfats-inspections-promises-program-has-turned-corner/2012-09-12
 Heritage report: http://www.heritage.org/research/reports/2012/08/chemical-security-in-the-us-cfats-regulations-too-complex-overly-burdensome
 Obama Administration: http://www.heritage.org/research/reports/2013/02/obama-s-cybersecurity-executive-order-falls-short
 some in Congress: http://www.heritage.org/research/reports/2012/03/senate-cybersecurity-bill-not-ready-for-prime-time
 hurt security: http://www.heritage.org/research/reports/2012/06/cybersecurity-and-red-tape-more-regulations-not-the-answer
 dynamic: http://www.heritage.org/research/factsheets/2012/07/updated-comparison-of-cybersecurity-legislation
Copyright © 2011 The Heritage Foundation. All rights reserved.