Republicans and democrats still can’t come to a conclusion on cybersecurity legislation. Concerns about overstepping into the private sector, on one hand, or not having enough weight to make a difference, on the other, have kept either side from consensus. Fundamental differences remain, and the White House continues to weigh the utility of issuing its own executive order on the matter.
Symantec, a security firm, says that businesses around the world will lose at least $114 billion annually due to cybercrime. With so much to lose, cyber legislation seem like an easy solution. But as a recent article in NextGov outlined, there are key reasons why cyber legislation continues to stall.
- Private ownership. About 80 or 90 percent of computer networks are owned by private businesses. Civil liberties groups fear the government role could undermine privacy and free speech. Businesses fear that the government regulation would add to their burdens. Federal officials need to ensure that networks such as electric grids and water-treatment plants meet basic security standards.
- Privacy. Republicans, democrats and businesses think new rules are needed in order to allow firms to tell government agencies about the attacks they face. In order for them to share more classified intelligence they collect on cyber threats, they need to give government agencies the ok. Many individuals fear such access could lead to government monitoring of Americans’ communications. Once again at odds are competing interests of privacy, security and civil liberty.
- Competing agencies. Ideally, government agencies would collaborate to tackle cyber threats. But as the intelligence community has already discovered, information sharing, even for a common goal, is difficult. Oversight often becomes a turf war, and concerns already exist that government agencies wouldn’t be equipped to handle an attack on critical infrastructure, if one was to occur.
- Changing technology. Technology changes too frequently for government regulations to keep up. This argument has been used effectively against legislation on issues like privacy and online competition.
- Scope. Solving cybersecurity problems is no easy task. “Cybersecurity” can be described as anything from “theoretical cyberattacks by terrorists or enemy states that send aircraft plunging out of the sky to malware installed by a hacker to steal e-mail passwords.” Legislation would have to deal with defining a cyber attack, as well as being prepared to issue a response.