Why waiting for Congress to fix cybersecurity is a waste of time

Washingtonians rarely miss an opportunity to tell you how technological innovation has outpaced the law.

You’ll hear it from progressives who cite it as evidence that regulations need to be strengthened, and you’ll hear it from conservatives who say those same regulations ought to be repealed. In either case, the prescription involves some act of Congress. But what if Congress isn’t the right body for the job?

On Tuesday, the Senate Commerce Committee approved a version of the cybersecurity bill it’s been crafting for the past few months. Dozens of businesses and industry groups chimed in to support the legislation, which now heads to the Senate floor. Yet the bill is also a sign of how timid lawmakers have become on the issue compared to previous attempts.

The new bill codifies an Obama administration move instructing the National Institute of Standards and Technology to develop ideas businesses can use to bolster their online defenses. It also sets up a workforce training plan to produce more IT security professionals. Notably, though, it avoids the changes Obama and businesses have requested most.

SOURCE: washingtonpost.com

Information Security Buzz