Share

Top 5 Stories

News

House, Obama Administration nearing an agreement on CISPA

04 March 2013

US House of Representatives Intelligence Committee Chairman Mike Rogers (R-Mich.) said that his committee’s negotiations with the White House on a new cybersecurity bill have resumed, with a draft for markup on target to appear in April.

"We're still negotiating a lot of little pieces of the bill with privacy groups and the White House, and we're having great conversations with both Democrat and Republican senators now, so I'm hoping to have that wrapped up by April, where we can actually move a product in April," Rogers told the Hill.

A new version of the Cyber Intelligence Sharing and Protection Act (CISPA) was introduced in the House by Rogers and ranking member Rep. Dutch Ruppersberger (D-Md) last month. A similar joint bill passed the House last year, but died in the Senate amid administration objections.

The bill is primarily an information-sharing initiative, which would make it easier for private corporations and government entities to share information on threats, attacks and remedies in order to shore up defenses. However, at issue is the scope of the roles that the Department of Homeland Security and other government agencies would have, and how personal information will be used and protected.

The House bill as written would offer broad protection from lawsuits to companies that give over user data to the Department of Homeland Security, which in turn would share it with intelligence agencies on a need-to-know basis. But parsing out user data only related to specific threats is an onerous process for companies, requiring significant IT investment. Plus, it is likely that a good amount of unrelated personal information could slip through the reporting cracks, which has opened up questions of privacy.

"Candidly, you don't need a lot of personal information to fight the threat," Rogers told Reuters.

Rogers said the talks have been spurred along by recent high-profile hacks at venerable institutions like the New York Times, and major technology companies like Apple and Facebook.

"What helped is that the New York Times, Washington Post and Wall Street Journal were all hacked and they talked about it publicly," Rogers said. "It is starting to raise awareness. I can feel movement."

Rogers also said that state-sponsored cyber-terrorism activity is forcing everyone’s hands. For instance, he has "a high degree of confidence" that Iran was behind the recent spate of attacks on financial institutions as well as the August 2012 attack on Saudi Aramco that took out 30,000 PCs.

"You have this non-rational actor that has the capability to cause chaos to people's networks and could be economically destructive,” Rogers said.

This article is featured in:
Compliance and Policy  •  Industry News  •  Internet and Network Security  •  Public Sector  •  Security Training and Education

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×