It was announced last week that the 9/11 Commission has called on the Senate to pass cybersecurity legislation before Congress goes on recess for the year. The commission warned Senate Majority Leader Harry Reid that the country is growing increasingly vulnerable to cyberattacks, citing major breaches at Home Depot and Target and the frequent discoveries of new flaws as proof of the eminent danger.
“Congress now has the opportunity to strengthen our nation’s cybersecurity defenses before a catastrophic attack strikes our people,” the commission wrote in a statement to Senator Reid. “We urge you to do so by enacting bipartisan cybersecurity legislation this year.”
Earlier this year the commission reconvened and released a report regarding the state of national security. The findings came a decade after their initial report was issued. The commission noted that hackers are growing stronger at a rapid pace, but the country is still woefully unprepared for a large-scale attack.
“With our adversaries’ cyber-capabilities growing stronger each day, the time to act is now,” wrote Gov. Thomas Kean and Congressman Lee Hamilton, chair and vice chair of the commission respectively, on behalf of the commission. “A growing chorus of national-security experts describes the cyber domain as the battlefield of the future. Yet, in the words of one former principal with whom we spoke, ‘we are at September 10 levels in terms of cyber preparedness.’ That is alarming.”
Bill encourages private-public partnership
The commission is encouraging lawmakers to pass the Cybersecurity Information Sharing Act of 2014, which made it through the Senate Intelligence Committee by an overwhelming majority earlier this year. Those who support the bill hail it as a critical measure necessary to reduce blind spots within federal IT infrastructure. However, opponents of the legislation believe it allows too much personal information to be given to government entities like the National Security Agency.
The bill enables public and private sector organizations to share information on cybersecurity, as well as provides companies that give the government security information with liability protection. The CISA also directs the Department of Homeland Security to manage a portal through which federal entities can share important insights. Use of the portal and the information contained within will be limited to actions regarding cyberthreats and cannot include “inappropriate investigations or regulation.”
The commission has also supported a number of bills from the Senate Homeland Security Committee that would improve the government’s ability to hire cyber professionals with the necessary skills, update federal IT security practices and authorize the creation of a cyber management center within the Department of Homeland Security.