As most readers are aware, in the midst of the national turmoil following the bombings in Boston, the House of Representatives passed a version of the Cybersecurity Intelligence Sharing and Protection Act (CISPA) by a vote of 288-127. As I … Read more »
My Brookings colleague Allan Friedman, a technology and cybersecurity expert, sent over this comment on the House’s approval, yesterday, of the Cybersecurity Intelligence Sharing and Protection Act (“CISPA”). The public discourse about the bill troubles him:
For the past two
The House of Representatives has passed the Cybersecurity Intelligence Sharing and Protection Act, by a vote of 288-127. This happened after several amendments were adopted (most notably one offered by Rep. McCaul to make DHS the venue for information … Read more »
Michael J. Glennon, of Tufts University, has an important new piece out entitled “The Dark Future of Cybersecurity Regulation.“ It’s a realistic view, in my judgement, of the prospects of international cyber treaties. Here’s a taste from the … Read more »
It was a busy day on the House side in Cyber. The House Rules Committee reported out the Cybersecurity Intelligence Sharing and Protection Act for consideration on the House floor tomorrow. Meanwhile the White House issued a Statement of Administration … Read more »
As America continues to consider legislation for improving cybersecurity, the actions of other Western nations may (or may not) be of influence and interest. I recently received a management summary of the proposed German IT security legislation being drafted by … Read more »
The House Intelligence Committee has released a new draft of the Cybersecurity Intelligence Sharing and Protection Act. I think it is fair to say that the bill is becoming increasingly more moderate as it goes through iterations. As originally … Read more »
Those who follow the blog will know that I am skeptical of the government’s ability to construct a regulatory system for enhancing cybersecurity standards. I am often asked, however: “well, then what do you support?” I am pleased to … Read more »
Last week I noted that the House Judiciary Committee was circulating a proposal to reform the Computer Fraud and Abuse Act that was mostly a wish list for the Department of Justice. Yesterday a diverse group of organizations and individuals … Read more »
The House Judiciary Committee has released a draft cyber bill that would modify the Computer Fraud and Abuse Act. The bill is on a fast track as the House hopes to have a week of “cyber” legislation in the middle … Read more »
This morning was the Senate Select Intelligence Committee’s open hearing on worldwide threats to the United States. Witnesses included DNI James Clapper, newly-minted CIA Director John Brennan, NCTC Director Matthew Olsen, FBI Director Robert Mueller, Director of the DIA Lt. … Read more »
Last year, the House Intelligence Committee passed out a bill, the Cyber Intelligence Sharing and Protection Act (CISPA) that eventually was adopted with bipartisan support in the House of Representatives. The bill drew a veto threat from President Obama and … Read more »
My Brookings colleague Allan Friedman, a cybersecurity expert, sent me the following brief note following the State of the Union and the concurrent release of the president’s executive order on cybersecurity:
Why use the executive, rather than relying on legislation?
As Rafaella reported last night, President Obama went “all-in” on cybersecurity last night, marrying a substantive mention of cyber in his State of the Union address (I’m bitter about that — I bet against it, which shows you how … Read more »
The American Bar Association’s Standing Committee on Law and National Security has released audio recordings of its recent conference in Washington. Here they all are:
Day 1 – Thursday, November 29, 2012
Conference Overview and Welcome
Harvey Rishikof
Laurel
A colleague just pointed this out to me today. Buried in the Senate-approved NDAA is Section 936, which would require the Pentagon to “establish a process” for defense contractors that have classified information on their networks to report any … Read more »
One of the things that has struck me about the debate concerning cybersecurity legislation is that we don’t have a really good baseline of existing legal authorities for the protection of cyberspace. Slowly, that is changing. Here is one offering … Read more »
Here it is … this version is dated November 21, 2012, so it seems to be the current iteration: White House Draft Executive Order (Dated 11-21-12). Analysis to follow …..
As I noted, yesterday the Senate returned, briefly to consideration of the Cybersecurity Act of 2012. The rather half-hearted effort (I think that’s a fair characterization) ended as was inevitable — in fact, the motion to proceed to full consideration … Read more »
As I noted yesterday, Senator Reid has announced that the Cybersecurity Act of 2012 will return to the floor for consideration sometime before Thanksgiving (possibly as early as tomorrow). According to the Senate the procedure is that “a motion to … Read more »
In remarks today on the Floor, Senator Reid promised that the Lieberman-Collins cybersecurity bill would return to the floor before Thanksgiving. Here is the rough transcript of what he said:
WE’RE GOING TO HAVE A VOTE ON
CYBERSECURITY. I SPOKE
I’ve had a chance to read the draft Executive Order on cybersecurity now and several thoughts spring to mind.
For those who like the bottom line up front: I am, honestly, of two minds about this effort. On the one … Read more »
Well, here’s the “publicly circulating” draft of the executive order on cybersecurity, helpfully entitled: White House Draft Executive Order (Publicly Circulating Copy – 11-1-12). Note however that is dated SEPTEMBER 28, 2012 (i.e. more than a month ago) and … Read more »
Majority Leader Harry Reid issued the following statement today:
REID: SENATE WILL HAVE ONE MORE CHANCE TO PASS CYBERSECURITY LEGISLATION
Washington, D.C. – Senate Majority Leader Harry Reid issued the following statement following a speech by Defense Secretary Leon Panetta
Here’s a transcript of Defense Secretary Leon Panetta’s speech yesterday on cybersecurity in New York:
Remarks by Secretary Panetta on Cybersecurity to the Business Executives for National Security, New York CitySECRETARY OF DEFENSE LEON E. PANETTA: Thank you. Thank
Senator Lieberman has an op ed in the Washington Post today calling for a move forward on his cybersecurity legislation. Meanwhile, Senator Collins (one of the cosponsors of Lieberman’s bill) has called on the President NOT to issue an executive … Read more »
OK. I admit it. I made up the quote that is the title of this post. Senator Rockefeller never said any such thing. But he did almost as much by demonstrating (probably by accident) why industry fear the specter of … Read more »
Here is the letter sent today from the White House (courtesy of John Brennan) to Senator Rockefeller. It begins:
The executive branch national security team – including civilian, military and intelligence professionals – agrees that inadequate cybersecurity within our critical
Last week, Stewart Baker at Skating on Stilts described the leaked draft Executive Order on Cybersecurity (which he had not seen) as “focused.” Maybe so, but at 19 pages it seems rather less so to me. I’ll have more analysis … Read more »
Senators McCain, Hutchinson and Chambliss have an op ed in the Wall St. Journal today, urging President Obama to refrain from issuing a cyber Executive Order. Here’s a taste (I fear the full text is behind a registration wall — … Read more »
Details available from Skating on Stilts — HT: Stewart Baker. I’ll have some analysis and thoughts later this weekend.
Over at the Volokh Conspiracy, Stewart Baker wonders how much President Obama could get done with an executive order on cybersecurity—now that the legislation has failed. Quite a lot, he argues:
In short, an aggressive executive order could do
Over at the Volokh Conspiracy, Stewart Baker has this interesting piece on whom to blame for the collapse of the cybersecurity bill, which failed on a cloture vote in the Senate the other day. Baker suggests four culprits–two on the … Read more »
And so it ends, not with a bang but with a whimper. Despite letters from the Director of NSA, General Alexander and the Chairman of the Joint Chiefs of Staff, General Dempsey the motion to close the debate on the … Read more »
That’s the word from the Senate — Majority Leader Harry Reid has filed for cloture to conclude the debate on the Cybersecurity Act of 2012 — debate that began in earnest earlier today. In addition, he s invoked a procedural … Read more »
Senator Leahy has an proposed Cybercrime Amendment to S3414 that would, effectively, substantially enhance penalties for cyber crime and impose mandatory minimum sentences. There are plenty of reasons to be skeptical of this — but the main one offered by … Read more »
Ah … the life of a “journalist.” I don’t think of myself that way, but now I have a couple of confidential sources (or so it seems). Attached here is the Whitehouse-Kyl compromise language for replacing Title I of the … Read more »
My correspondent (and friend) Gus Coldebella, wrote in the other day with a response to an earlier post of mine, in which he wondered what the meaning of section 706(d) of the Lieberman-Collins bill is. I hadn’t noticed … Read more »
Gus Coldebella, former Deputy General Counsel (and Acting General Counsel) for DHS and now a partner at Goodwin Proctor write in with this addition comment on the liability provisions of the Lieberman-Collins bill [I added the hyperlink to my prior … Read more »
Here is the Administration’s Statement of Administration Policy on the Lieberman-Collins bill. On the regulatory provisions and the information-sharing liability provisions they are drawing a line in the sand:
The revised bill contains critical-infrastructure protection measures that are less robust
Ryan Radia, who works for the Competitive Enterprise Institute, writes in with a few a couple of addition points about the liability exemption provisions of the Lieberman-Collins bill in Section 706. He notes:
- It isn’t clear to me
Word is that Senator Reid has filed cloture on the motion to proceed to consideration of the Lieberman-Collins bill. [UPDATE: At the request of two readers I’ve uploaded the latest version of the text of the bill. As with … Read more »
Senate Majority Leader Reid spoke on the Senate floor earlier today explaining why the Senate needed to consider cybersecurity legislation as an urgent matter and, in particular, why he would prioritize the cyber bill over the Defense Authorization bill. You … Read more »
As we have all noted, Senators Lieberman and Collins have proposed a revised version of their cybersecurity legislation. They’ve touted it as a compromise bill that moves closer to the middle and addresses industry concerns. If this Myth v Fact … Read more »
As I noted on Friday, Senators Lieberman and Collins have released a Manager’s Amendment in the form of a substitute which reflects some significant changes to their original bill. You can access the full text of the amendment here… Read more »
This op-ed in today’s Wall Street Journal is part of the Administration’s push for comprehensive cyber legislation. Here’s a taste of his views:
It doesn’t take much to imagine the consequences of a successful cyber attack. In a future conflict,
Late last night Senators Lieberman and Collins introduced revised cybersecurity legislation. A short summary of the revised Cybersecurity Act of 2012 suggests that the major changes are 1) elimination of a mandatory regulatory system in favor of a voluntary one, … Read more »
Some time ago I began an answer to Jack Goldsmith on why I thought cybersecurity regulation was the wrong answer to our current cyber problems. Other commitments, including paying clients!, got in the way of further developing the argument, but … Read more »
Jessica Herrera-Flanigan certainly seems to think so and, honestly, I can’t disagree with her. From the article:
Even if cybersecurity legislation does get through the Senate, there is not a clear path forward for reconciling that bill (or bills) with
As the prospects for real cybersecurity legislation seem to fade, this may be a product whose time has already come and gone. Nevertheless, for those who want a handy chart outlining (in far too brief a fashion) the major similarities … Read more »
Wednesday, May 22, 2013
In one of the strangest stories I’ve come across in a long time—and there have been many—news reports say an FBI agent shot and killed an Orlando man with ties to deceased Boston bombing suspect Tamerlan Tsarnaev. Ibragim Todashev was not suspected of playing a role in the bombings, but, during questioning, confessed nevertheless to playing a role in a triple homicide in the Boston area. After his confession, Todashev allegedly… Read more »
