Chinese cyber attacks on Google and others may accelerate Congressional action on cybersecurity

One effect of Google’s public disclosure of hacking attempts ascribed to the Chinese government appears to be a greater sense of urgency in Congress to enact new cybersecurity legislation. While a strong response from the administration may or may not be forthcoming, lawmakers who had already been working on security bills see the Google-China incident as only the latest in a long line of compelling reasons to act. Sen. Jay Rockefeller of West Virginia, who, along with Maine’s Sen. Olympia Snowe has co-sponsored the draft Cybersecurity Act of 2009, has indicated in public statements that he intends to prioritize getting the bill out of committee and under consideration by the full Senate. The bill, introduced as S. 773, includes a broad-ranging set of provisions for standardizing approaches and oversight for security controls, monitoring, vulnerability disclosure, threat assessment, and risk management. The bill as drafted would greatly expand the authority and role of the Department of Commerce, including but not limited to responsibilities for NIST not only to establish and promulgate cybersecurity standards, but also to enforce compliance.