Friday, February 18, 2011

New Anti Kill-Switch Bill Introduced

The three U.S. senators that were initially responsible for legislation that many dubbed the "Internet Kill-Switch" have introduced a new bill that would clearly and concisely remove those powers from government control.

The new legislation entitled the Cybersecurity and Internet Freedom Act (PDF) explicitly states that “neither the President, the Director of the National Center for Cybersecurity and Communications or any officer or employee of the United States Government shall have the authority to shut down the Internet.” It also provides an opportunity for judicial review of designations of our most sensitive systems and assets as “covered critical infrastructure.”

In a statement released this afternoon Senator Lieberman the original author of the "Internet Kill Switch" said:

“We want to clear the air once and for all. As someone said recently, the term 'kill switch' has become the ‘death panels’ of the cybersecurity debate. There is no so-called ‘kill switch’ in our legislation because the very notion is antithetical to our goal of providing precise and targeted authorities to the President. Furthermore, it is impossible to turn off the Internet in this country. This legislation applies to the most critical infrastructures that Americans rely on in their daily lives – energy transmission, water supply, financial services, for example – to ensure that those assets are protected in case of a potentially crippling cyber attack.  

The so-called ‘internet kill switch’ debate has eclipsed discussion of actual, substantive provisions in this bill that would significantly improve the security of all Americans by creating a new national center to prevent and respond to cyber attacks, requiring critical infrastructure owners - for the first time - to shore up cyber vulnerabilities, and establishing a strategy to secure the federal IT supply chain.  I look forward to working with Senator Reid to bring comprehensive cyber security legislation to the floor early this year.”

I haven't yet had the chance to review all of the new 221-page bill but have noticed the addition of the the new provision and have to say this is definitely a major step in the right direction. The old versions of the bill were very vague and offered broad wording.

Much of the old bill remains and many of the provisions are still in place. For instance the new bill would require the creation of the National Center for Cybersecurity and Communications, the creation of a Directors position for that agency and the establishment of a cybersecurity research and development program in the U.S. Department of Homeland Security.

Other provisions include the creation of regulations to require owners of critical infrastructure to fix cyber-vulnerabilities and would create a national center focused on preventing and responding to cyberattacks. The bill also would reform the cybersecurity rules for federal agencies, and it would setup guidelines for the hiring and training of federal employees and contractors engaged in the design, development, or operation of agency information infrastructure.

No comments:

Post a Comment

All comments will be moderate for content, please be patient as your comment will appear as soon as it has been reviewed.

Thank you