House Intelligence Committee Chairman Mike Rogers (R-Mich.) has introduced his bipartisan cybersecurity bill.
The bill allows, and encourages, the government to share certain cyber threat intelligence with private entities, like ISPs. That threat information is any information in the intelligence community directly pertaining to the vulnerability of a network, government or private to efforts to degrade, disrupt or destroy the system or steal public or private information, intellectual property, or personally identifiable information.
Rogers says it is intended to help "American companies secure their computer networks and safeguard their intellectual property from cyberattacks. The information would only be shared with a "certified entity" or someone else with a security clearance.
The bill, which is co-sponsored by ranking member Dutch Ruppersberger (D-Md.), is backed by the National Cable & Telecommunications Association, CTIa abnd USTelecom and was unveiled at NCTA headquarters Wednesday.
"We applaud Chairman Rogers and Ranking Member Ruppersberger for introduction of the Cyber Intelligence Sharing and Protection Act of 2011 that will ensure better information sharing between all stakeholders involved in protecting our nation's critical cyber infrastructure," said NCTA President Michael Powell Wednesday. "We appreciate that this legislation avoids a prescriptive regulatory regime that does not fit the constantly evolving cyber threat environment and it appropriately allows individual companies to determine how they can best participate. This legislation will protect both our national security and our customers and has the strong support of the nation's cable, telephone and wireless industries. We urge Congress to swiftly pass the Cyber Intelligence Sharing and Protection Act of 2011 into law."
The door swings both ways, with the government expecting to get cybersecurity threat info from the private sector as well, which the government promises not to use "for regulatory purposes." It also immunizes the private sector from criminal or civil liability for using cybersecurity systems, sharing information, or not acting on information obtained or shared.
That info sharing will also be vetted by the Privacy and Civil Liberties Oversight Board (http://www.justice.gov/opcl/pclb.htm).
NCTA has long argued for strong industry-government partnerships and the ability for businesses to respond to online threats ((http://www.ncta.com/Search.aspx?t=cybersecurity)). The latter was an issue with the broadband plan and a factor in cable's argument in the network neutrality debate for the need for flexible network management.