In his State of the Union address in late January, US President Barack Obama proposed a package of legislation designed to strengthen cybersecurity measures and enforcement against cybercriminals. In particular, the proposed cybersecurity legislation calls on firms to provide information on security breaches to the Department of Homeland Security and allows prosecution for the sale of botnets used in cybercrime as well as court action against denial-of-service (DoS) attacks.
With both houses of Congress in the hands of the Republicans, legislative proposals can expect close scrutiny. Some aspects of information policy, from government cyber surveillance to net neutrality, are controversial subjects on Capitol Hill. However, amid a rising tide of cybercrime, including high-profile attacks on businesses, the prospects of bipartisan support for cybersecurity legislation are substantial.
Prominent Attacks Help Set the Stage
According to The New York Times, Obama’s cybersecurity proposals were sparked by recent cyberattacks that have rocked both the business and government sectors. These attacks have also demonstrated that the lines between cybercrime and cyberwar are increasingly blurring.
As Obama told congressional leaders at a White House meeting, the attacks indicate “how much more work we need to do, both public and private sector, to strengthen our cybersecurity to make sure that families’ bank accounts are safe, to make sure that our public infrastructure is safe.”
Protection for Firms, Prosecution for Cybercriminals
The proposed legislative package includes measures calling on victimized firms to be more forthcoming about security breaches. For providing the Department of Homeland Security with such information as Internet addresses and routing protocols, firms would be given targeted liability protection as long as they took measures to protect the personal information of consumers.
Additionally, the White House proposal would criminalize the sale of botnets — networks of computers controlled by furtively installed malware — used to perpetrate hacks. The courts would also receive authority to shut down sites responsible for DoS attacks and other types of fraudulent cyberactivity.
Threats Could Generate Bipartisan Support for Cybersecurity Legislation
With a Democratic president and Republicans controlling both houses of Congress, proposals from the White House can expect tough scrutiny on Capitol Hill, where Republicans are often skeptical of measures that might affect businesses. Political furnaces are further stoked by the 2016 presidential election, for which both parties are already gearing up. However, as noted by Britain’s BBC News, the prospects for bipartisan action on cybersecurity legislation may be increasingly favorable.
The risks to firms from advanced threats and other forms of cyberattacks have generated a growing consensus within the business community that broader action is needed on the cybersecurity front. Enterprises can no longer effectively protect themselves in isolation — security partnerships, including public-private alliances, have become a necessity.