Congress is moving swiftly on legislation aimed at beefing up the nation’s cybersecurity infrastructure — but even that may not be fast enough.
The private sector owns or operates more than 80 percent of our critical infrastructure, including our energy, banking and finance and transportation systems. Recent Senate measures, in addition to certain House ones, would give the federal government more involvement to protect that infrastructure.
For instance, the bipartisan Senate Bill 2105 would require owners of the most critical infrastructure to meet certain cybersecurity requirements and give regulatory authority to the Department of Homeland Security. Among other things, it would establish a unified DHS office of cybersecurity.
Federal intervention is needed. The computer worm Stuxnet physically damaged Iran’s Natanz nuclear facility, and its source code is available on the Internet. Many are concerned that a similar worm could be re-engineered to cause damage to U.S. industrial control systems.
The lack of a single catastrophic cyber emergency has created complacency. In the meantime, the Chinese and “hacktivist” groups such as Anonymous continue to bleed us of our intellectual property, data and innovative R&D.