Republican Filibuster kills Cybersecurity Bill

**wickedsolo** · 08-03-2012, 07:46 AM

http://www.theregister.co.uk/2012/08...security_bill/

The US Cybersecurity Act 2012 originally called for mandatory security standards to be enforced for companies forming the US national critical infrastructure – a rather nebulous term used to cover power, communications, water and the other stuff that makes life relatively safe and bearable. The government only has oversight of around 20 per cent of this, with private companies running the rest.

After the Republicans enforced a filibuster, the bill failed to meet the 60 votes required at a 52-48 split, with five Republicans and five Democrats crossing the floor. The US Chamber of Commerce, a lobbying group which was in the vanguard of opposition to the bill, applauded the vote.

Thoughts?

**HoustonRaven** · 08-03-2012, 08:34 AM

Were there add-ons to the bill?

That's usually why bills get killed.

**wickedsolo** · 08-03-2012, 08:42 AM

Originally Posted by HoustonRaven

Were there add-ons to the bill?

That's usually why bills get killed.

The only major add-on that I know of (I work in this industry...so I've been following this fairly closely) is that a lot of private industry was worried with the Feds having too much influence on regulating them. So, they amended the bill to reflect that meeting those standards would be voluntary, but strongly encouraged.

The problem is right now there really aren't any standards and while I understand that private industries want the government as far away from their networks and databases as possible, this bill was primarily written to increase security standards for critical infrastructure like power grids, nuclear plants, water/sewage plants, federal credit unions, etc.

**NCRAVEN** · 08-03-2012, 09:05 AM

I agree there should be security standards for critical infrastructure, my problem is once government gets involved in anything, it's only a matter of time before the try to regulate the whole damn thing.

I'd be okay if the set the standards that nuke plants, sewage plants etc. had to have but that's about as far as I'd like them to take it.

**HoustonRaven** · 08-03-2012, 09:14 AM

Add-ons like a tax attachment, funding a dog farm in Iowa, etc.

Those kinds of things are why bills usually get killed.

**wickedsolo** · 08-03-2012, 09:22 AM

Originally Posted by HoustonRaven

Add-ons like a tax attachment, funding a dog farm in Iowa, etc.

Those kinds of things are why bills usually get killed.

Well, the cyber security centers (NSA, DOD, DHS, Cybercom, etc) were poised to get a pretty significant budget bump.

I honestly don't know about any add-on's like you're talking about. I can see if I can find anything like that.

**wickedsolo** · 08-03-2012, 09:24 AM

Originally Posted by NCRAVEN

I agree there should be security standards for critical infrastructure, my problem is once government gets involved in anything, it's only a matter of time before the try to regulate the whole damn thing.

I'd be okay if the set the standards that nuke plants, sewage plants etc. had to have but that's about as far as I'd like them to take it.

Ultimately, the government would like private industry to adhere to security standards established by the cyber centers, but they aren't going to force them.

With things like Duqu, stuxnet, and Flame out there right now and Iran making cyber threats they really wanted to get something through to benefit a lot of the things that are considered necessary and essential for America's way of life.

Water, sewage, power, nuclear, defense, military, government entities, banking systems, communication systems, etc. Not all of them were going to be required to fall in line with these standards, but things that the the government regulated already (defense, for example) would have to fall in line.

**HoustonRaven** · 08-03-2012, 09:33 AM

I see why it died. And I'm glad it did. From Forbes ....

And the debate over the bill went astray at times thanks to extraneous proposed amendments. This week, senators added nearly 100 amendments to the bill — some legitimate, such as a privacy-related one from Sen. Al Franken and a hacking law update from Sen. Patrick Leahy — and others not so much, including amendments related to health care and gun control. Sigh. This is our Congress.

The term for this is "loving it to death".

It's also a lesson in biased media reporting. Those evil Repubs killing the Cybersecurity bill ...

**wickedsolo** · 08-03-2012, 09:51 AM

Originally Posted by HoustonRaven

I see why it died. And I'm glad it did. From Forbes ....

The term for this is "loving it to death".

It's also a lesson in biased media reporting. Those evil Repubs killing the Cybersecurity bill ...

What is the point of trying to pass a bill if you're going to attach different things to it that have nothing to do with the bill in the first place?

**JStruds** · 08-03-2012, 10:50 AM

Originally Posted by wickedsolo

What is the point of trying to pass a bill if you're going to attach different things to it that have nothing to do with the bill in the first place?

Earmarks. The line item veto was supposed to deal with this problem, but to the best of my knowledge it has yet to be used. Politics (apparently) doesn't have to make sense.