Former NSA director General Keith Alexander said Thursday that Congress needs to pass cybersecurity legislation that will make it easier for government and the communications industry to work together to combat that threat.
That came in a speech to the American Enterprise Institute in Washington. He said that the government needed the ability to share threat info with industry, and industry with government. "We need cybersecurity legislation. We need to push that through."
He said he was not talking about sharing personally identifiable information, but instead "malicious activity."
He also said it was needed to provide protection for industry players who act on threat information supplied by the government. "If the government tells industry: 'Please block this traffic,' and [the government] makes a mistake, then industry should have some form of liability protection."
Dumbed down, he said, those are the keys to cyber legislation.
Congress has failed to find common ground on comprehensive cyber legislation on a variety of issues, including those.
Alexander also weighed in on the stories about NSA data collection based on Edward Snowden's leaks. He said the media had been on a "snipe hunt" for NSA malfeasance based on what could happen with data, not what did, which collection had been found to be legal—President Obama has said as much—and just what NSA had been asked to do. He pointed out that NSA does not set the agenda for data collection. He said that in terms of the data NSA collected, "the line was set by the administration, Congress and the courts."