House Republicans issue answer to Senate cybersecurity bills

In legislation that mirrors a cybersecurity bill introduced by Senate Republicans earlier this month, Reps. Mary Bono Mack (R-Calif.) and Marsha Blackburn (R-Tenn.) on March 27 unveiled a House version with the same name and essentially the same provisions.

Like the Senate Republican’s Strengthening and Enhancing Cybersecurity by Using Research, Education, Information and Technology (SECURE IT) Act, introduced March 1 by Sen. John McCain (R-Ariz.), the House legislation takes a less prescriptive approach than the earlier, bipartisan Cybersecurity Act of 2012, released Feb. 14.

Related story

Republicans offer hands-off approach to cybersecurity

The Senate’s bipartisan bill expands the authorities of the Homeland Security Department, implements new regulations to protect critical infrastructure and creates a new National Center for Cybersecurity and Communications – measures the Republicans believe to be a “heavy-handed, gun-to-the-head approach,” according to a joint statement from Bono Mack and Blackburn.

“Under our legislation, our nation’s best and brightest minds will finally be freed to work hand-in-hand to share information, develop safety protocols and put into place critical early-warning systems – much like a Weather Service advisory before a tornado – but shared between companies and federal authorities,” Bono Mack said in a released statement. “And just as importantly, we can accomplish all of this during these difficult economic times without creating a new bureaucracy and spending money that we don’t have, while protecting consumer privacy at the same time.”

The House and Senate SECURE IT Acts look to remove information-sharing barriers between private companies, offering incentives for collaboration such as legal protection. The Republican bills also seek to reform the Federal Information Security Management Act and toughen punishments for those caught committing cyber crimes.

In a released statement, Rep. Jim Langevin (D-R.I.) criticized the new House bill as “a major step backward in efforts to protect against the serious threat of severe economic and physical damage from a cyber attack.”

According to Langevin, the House SECURE IT Act does not do enough to effectively protect critical U.S. networks and interests.

“The SECURE IT Act would inexplicably have us continue to rely on the voluntary actions of the owners and operators of our key industries, namely the electric grid and water companies. However, that approach has failed us over the last decade,” Langevin said. “We do not accept voluntary safety standards for our airlines or in our food system, and we should not accept them when it comes to the utilities and infrastructure upon which we most rely. Cybersecurity legislation without critical infrastructure protection is dangerously inadequate.”