The Act would establish optional security standards and certification for private companies that provide critical infrastructure to the country. However, the parties came to an impasse over the Act, sunk over the summer by resistance from Sens. Joe Lieberman (I-Conn.) and Susan Collins (R-Maine).
Senate Minority Leader Mitch McConnell (R-Ky.) and Sen. Kay Bailey Hutchison (R-Texas) vowed to keep talks on cybersecurity alive during the fall, but the election season and list of things that Congress will need to handle during its upcoming post-election session all point to little or no movement on that front. So, regardless of political will at the top, analysts say it is unlikely that any meaningful legislation will make it through a lame-duck Congress.
"The only cybersecurity bill I can see possibly moving in the lame-duck session is the Cyber Information Sharing & Protection Act (CISPA) passed by the House earlier this year," said Internet Security Alliance President (ISA) Larry Clinton, speaking to SearchSecurity.
President Obama, however, is mulling an executive order to effect what a log-jammed Congress will not. That could come quickly after the election.
John Brennan, White House homeland security adviser told the Council on Foreign Relations this week that an executive order would be a “good vehicle” to direct government actions to improve cybersecurity at critical infrastructure facilities.
"One of the things that we need to do in the executive branch is to see what we can do to maybe put additional guidelines and policies in place under executive branch authority,” Brennan said.
As Infosecurity previously reported, the campaigns have significant differences in their cybersecurity approaches. Mirroring larger differences as to the role of government, the Democratic plank urges a strong centralized approach to the nation’s information infrastructure. The GOP platform, on the other hand, warns of the dangers of too much regulation and of government involvement in research.
The Dems are including initiatives like funding new research investment and implementing standards for security measures for critical infrastructure. "We will continue to take steps to deter, prevent, detect, and defend against cyber intrusions by investing in cutting-edge research and development, promoting cyber-security awareness and digital literacy, and strengthening private sector and international partnerships," reads the Democratic platform.
Conversely, the GOP platform cautions that such an approach would merely add to Federal spending and bureaucracy. Instead, private security vendors should be tapped and better communications lines opened up between security professionals and the government to keep on top of current threats.