Senate cybersecurity bill fails, so Obama could take charge
The Pentagon wants Congress to pass a cybersecurity bill to safeguard critical assets such as the power grid. But Senate efforts failed, meaning President Obama might issue an executive order.
With new cybersecurity legislation failing to pass the Senate this week, expectations are growing that the White House will soon step in with an executive order to shore up cyberdefenses for the power grid, water purification, and other vital systems.Skip to next paragraph
Subscribe Today to the Monitor
White House officials have said that while the president prefers a broad legislative solution, the executive branch would have to act this year if Congress did not. A document purporting to be a leaked draft of the executive order has been on the Internet since September.
The possibility of a congressional solution this year appeared to be shot down Wednesday with the failure of a Senate cybersecurity bill introduced by Sens. Joe Lieberman (I) of Connecticut and Susan Collins (R) of Maine. Under the bill, operators of natural-gas pipelines, refineries, water-supply systems, and other vital assets would have been asked to voluntarily submit their computer networks to security testing by the Department of Homeland Security (DHS). In return, those industries would have gotten federal protection from financial liability.
An executive order could achieve some of these goals, but could not offer a liability exemption, making it potentially much more difficult for DHS to persuade private computer networks – which control 85 percent of the nation's critical infrastructure – to cooperate.
The bill failed because Senate majority leader Harry Reid did not allow amendments, said Sen. John McCain (R) of Arizona, who is the author of a competing bill. But others say the business community's concerns about the Lieberman-Collins bill were decisive.
"Frankly, the underlying bill is not supported by the business community for all the right reasons," Sen. Saxby Chambliss (R) of Georgia said on the Senate floor. "They're the ones that are going to be called to comply with the mandates and the regulations, and frankly it's just not going to give them the protection they need against cyberattacks."