Security Experts:

Connect with us

Hi, what are you looking for?


Security Infrastructure

US Lawmakers Offer Cybersecurity Olive Branch

WASHINGTON – Backers of a cybersecurity bill which stalled in Congress last year offered changes Monday in an effort to ease concerns of privacy and civil liberties activists.

WASHINGTON – Backers of a cybersecurity bill which stalled in Congress last year offered changes Monday in an effort to ease concerns of privacy and civil liberties activists.

The two top lawmakers on the House Intelligence Committee said the panel would meet Wednesday to vote on the Cyber Intelligence and Sharing Protection Act, a measure which passed the House last year but died in the Senate.

The lawmakers said they would propose several amendments to the bill, under which internet companies can give the government information about what they see as potential security threats and they are protected from liability for providing the information.

Last year, the measure provoked a storm of protests from Internet and civil liberties activists, and the White House threatened a veto.

Civil libertarians claim such laws could allow too much government snooping and conservatives say they would create new bureaucracy.

House Intelligence Committee chairman Mike Rogers and ranking Democrat Dutch Ruppersberger said lawmakers were listening to those concerns, but that the issue has become more pressing in the past year with revelations about new cyber threats.

“We’ve made some significant improvements,” Rogers told a conference call Monday, saying that he and Ruppersberger were backing amendments addressing key fears.

Ruppersberger said the White House “is still not behind our bill, but we are working with them and with the privacy groups.”

The lawmakers said they would insert a more narrow definition of national security in the bill.

The amendments would also seek to clarify that Internet firms could only use data about threats for cybersecurity purposes, not for marketing or other commercial uses, and would give more oversight to privacy officers at federal agencies.

“Because the threat is so real I think everyone realizes we have to do everything we can to come together to pass a bill to protect our citizens,” Ruppersberger said.

It was not immediately clear if the proposed changes would blunt criticism from the broad coalition of groups that unveiled plans last week to oppose CISPA.

Greg Nojeim of the Center for Democracy and Technology said the changes failed to address one key concern — that information could be accessed by the top-secret National Security Agency, a branch of the military.

“This endangers civil liberties, undermines transparency and therefore public trust, and drew a veto threat from the White House last year,” said Nojeim.

“While some of the amendments described today could be helpful, civilian control is the elephant in the room that CISPA co-sponsors refuse to address.”

Michelle Richardson of the American Civil Liberties Union told a Reddit forum Monday that “a lot of politicians are under the mistaken belief that CISPA is a narrowly targeted bill.”

“They are not aware of the sweeping implications of the bill — empowering the military on our Internet, sharing personally identifying info, use for non-cyber purposes,” she said.

President Barack Obama in February issued an executive order aimed at ramping up protection from cyberattacks, but said legislation is still needed.

US administration officials and lawmakers acknowledge that his order creates no new authority and that legislation is needed to better safeguard networks for key systems such as power grids, banks and air traffic control.

RelatedWhite House Issues National Insider Threat Policy

RelatedObama Releases National Strategy for Information Sharing

RelatedDepartment of Defense Expands Information Sharing Initiative

RelatedTaking the Blinders Off – The Value of Collective Intelligence

RelatedCombating Emerging Threats Through Security Collaboration

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.


Identity and access governance vendor Saviynt has closed a $205 million financing round.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture


Security orchestration, automation and response (SOAR) provider Swimlane on Monday announced the launch of a security automation solution ecosystem for operational technology (OT) environments.

Cloud Security

The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning.

Incident Response

Created and maintained by MITRE, MITRE D3FEND is a framework that provides a library of defensive cybersecurity countermeasures and technical components to help organizations...