By Joby Warrick and Walter Pincus
Washington Post Staff Writers
April 1, 2009
Key lawmakers are pushing to dramatically escalate U.S. defenses against
cyberattacks, crafting proposals that would empower the government to
set and enforce security standards for private industry for the first
The proposals, in Senate legislation that could be introduced as early
as today, would broaden the focus of the government's cybersecurity
efforts to include not only military networks but also private systems
that control essentials such as electricity and water distribution. At
the same time, the bill would add regulatory teeth to ensure industry
compliance with the rules, congressional officials familiar with the
plan said yesterday.
Addressing what intelligence officials describe as a gaping
vulnerability, the legislation also calls for the appointment of a White
House cybersecurity "czar" with unprecedented authority to shut down
computer networks, including private ones, if a cyberattack is underway,
the officials said.
How industry groups will respond is unclear. Jim Dempsey, vice president
for public policy at the Center for Democracy and Technology, which
represents private companies and civil liberties advocates, said that
mandatory standards have long been the "third rail of cybersecurity
policy." Dempsey said regulation could also stifle creativity by forcing
companies to adopt a uniform approach.
Best Selling Security Books and More!