Rockefeller Polls Fortune 500 on Cybersecurity Act

Says he does not believe they are as opposed to bill as Chamber indicated

By John Eggerton -- Broadcasting & Cable, 9/19/2012 9:20:18 AM

Sen. Jay Rockefeller (D-W. Va.) has sent letters to the Fortune 500 companies telling them that Congress' failure to pass cybersecurity legislation this year, specifically the Rockefeller-backed Cybersecurity Act of 2012, has left the country vulnerable to a "catastrophic" attack and asking them for their input on the bill and cybersecurity in general.

The administration has indicated the president may try mandate cybersecurity protection guidelines from a failed Democrat-backed bill via an executive order, which Rockefeller called for and supports. But both the senator and the administration have said that even with that order more needs to be done.

In the letter, Rockefeller says he wants to hear from the companies about their views of cybersecurity -- "without the filter of Beltway lobbyists." He says he is not sure that American companies are as "intransigently opposed" to the cybersecurity legislation he favors as the Chamber of Commerce, which pushed back hard against the Act, has indicated.

He has asked for some answers from the companies by Oct. 19 on a series of questions, including about their own best practices and what their concerns, "if any," about Cybersecurity Act of 2012 measures including defining critical infrastructure, conducting risk assessments and creating a "voluntary program that enables the federal government to develop, in coordination, best cybersecurity practices for companies to adopt as they so chose."

The initial bill put more teeth in those voluntary guidelines, suggesting government regulators should adopt those as rules and defend a decision not to do so. That was removed in an effort to secure Republican support, but that was not sufficient to assuage those critics, who preferred their own version of cybersecurity legislation, the SECURE IT Act, which focused on self-regulation and information sharing between industries and government, including protections from liability for the sharing of that info.