unfettered authority to regulate private industry," Bob Goodlatte, a
Virginia Republican and chairman of a House Judiciary Committee panel
on the Internet, said today at a hearing on cybersecurity. "Do the
American people really want their regulatory agencies turned into
quasi-fiefdoms?"
The administration's proposal released May 12 calls for Homeland
Security to work with industry to find vulnerabilities in critical
infrastructure such as electrical grids and financial networks. The
department would define what companies would qualify as "critical
infrastructure" and therefore be subject to more oversight.
"The regulatory process is a slow one, whereas the escalating cyber
threats our country faces are extremely dynamic problems," Goodlatte
said. "Cybersecurity threats and online technologies change quickly --
so quickly that any regulations for cybersecurity could be outdated
before they are finalized."
Congress needs to create incentives for the private sector to do more
to protect itself from cyber attacks, Goodlatte said. He's currently
writing legislation to address his concerns.
U.S. lawmakers introduced about 50 cybersecurity measures in the last
session of Congress. Those measures include at least eight bills that
seek to boost security at energy and utility companies.
The administration's proposal would jump-start efforts in Congress to
update U.S. laws in response to the increased threat of cyber attacks
capable of crippling business and government operations.
The urgency of advancing a cybersecurity bill has been heightened by
recent assaults, including last month's attack on networks operated by
Sony Corp and the data bleach at RSA.
The Senate's Sergeant at Arms reported last year that computer
systems of Congress and executive branch agencies are probed or
attacked 1.8 billion times per month, costing about $8 billion
annually.
As the computing become more mobile, social, and most applications are
migrating to the cloud, introduce new bill by the congress with this
realty in mind will certainly help to enhance our nation's security.
IMHO, "critical infrastructure" should include travel business, press,
widely used social websites such as facebook, twitter, linkedin, all
big IT companies and cloud providers such as Google, Microsoft, Amazon
in addition to utilities, financial sector, telecommunications etc.
I welcome any comments.
No comments:
Post a Comment