Irony of CompromiseGOP, Dems Can Reach Agreement on Cybersec Bills But ...
The irony is that despite the willingness for give and take on IT security legislation, the negative environment that has taken hold in Congress - and American politics as well - might prevent meaningful cybersecurity legislation from coming up for a vote even though there are many areas of agreement.
In introducing the House Republican legislative agenda for cybersecurity on Wednesday (see House GOP Unveils Cybersecurity Agenda), Rep. Mac Thornberry, the Texan who servers as the House GOP traffic cops on infosec matters, expressed a willingness to compromise: "There's a lot of room to work together within Congress and with the White House. It's essential that we do so because of the economic aspects and national security aspects [of IT]."
The toxic political atmosphere might prevent legislation that has nearly universal agreement from passing both houses.
And, Democrats were as effusive in seeking common ground. Encouraged by the Republican task force findings, Sen. Tom Carper, D-Del., who chairs a subcommittee with cybersecurity oversight, called on both houses to "redouble our efforts to pass this much needed cybersecurity legislation as soon as possible."
There are areas of fundamental disagreement on cybersecurity, such as how to get the mostly privately owned operators of the nation's critical IT infrastructure to assure their IT systems and networks are secure. Democrats, generally, favor tightening regulations; Republicans prefer voluntary incentives. Those differences won't be bridged in the 112th Congress.
But both sides seem to agree on the need to enhance the cyber needs of law enforcement; hiring new IT security personnel; and the need to address data breach notification. Another area where consensus exists is in reforming the Federal Information Security Management Act, the law that governs federal government IT security compliance. The GOP proposal is very similar to legislation Carper has championed for years that would require continuous monitoring of government IT systems. Indeed, there wouldn't need to be much compromising on FISMA reform because both sides are in general agreement.
Still, the toxic political atmosphere will likely prevent even legislation that has nearly universal agreement from passing both houses and reaching the president's desk for his signature. The unexpected has occurred in Congress before and could again. Perhaps lawmakers will prove me wrong. I hope so.