Sen. Jay Rockefeller (D-W. Va.) has sent letters to
the Fortune 500 companies telling them that Congress' failure to pass
cybersecurity legislation this year, specifically the Rockefeller-backed
Cybersecurity Act of 2012,
has left the country vulnerable to a "catastrophic" attack and asking
them for their input on the bill and cybersecurity in general.
The administration has indicated the president may try mandate cybersecurity
protection guidelines from a failed Democrat-backed bill via an executive
order, which Rockefeller called for and supports. But both the senator and the
administration have said that even with that order more needs to be done.
the letter, Rockefeller says he wants to hear from the companies about their
views of cybersecurity -- "without the filter of Beltway lobbyists." He
says he is not sure that American companies are as "intransigently
opposed" to the cybersecurity legislation he favors as the Chamber of
Commerce, which pushed back hard against the Act, has indicated.
has asked for some answers from the companies by Oct. 19 on a series of
questions, including about their own best practices and what their concerns,
"if any," about Cybersecurity Act of 2012 measures including defining
critical infrastructure, conducting risk assessments and creating a
"voluntary program that enables the federal government to develop, in coordination,
best cybersecurity practices for companies to adopt as they so chose."
initial bill put more teeth in those voluntary guidelines, suggesting
government regulators should adopt those as rules and defend a decision not to
do so. That was removed in an effort to secure Republican support, but that was
not sufficient to assuage those critics, who preferred their own version of
cybersecurity legislation, the SECURE IT Act,
which focused on self-regulation and information sharing between industries and
government, including protections from liability for the sharing of that info.