OFFICIALS LEGISLATION INTEREST GROUPS PUBLIC STATEMENTS COMMITTEES VETOES

Cybersecurity - Washington is Chasing the Wrong Solution to a Growing Problem

Statement

By: Ron Wyden
By: Ron Wyden
Date: June 10, 2015
Issues: National Security Technology and Communication

Keeping America's digital information and computer systems safe is poised to be one of the defining security challenges of the coming decades.

It is clear that private companies and federal agencies alike are falling short. When Chinese and Russian hackers penetrate major corporations and government files on a seemingly weekly basis, our country should already be on red alert.

But the solutions being discussed in Congress would do little, if anything to stop these hacks, according to most independent security experts (see here and here). The so-called cybersecurity bill in the Senate would encourage private companies to share their customers' information with the government, without giving individual Americans real assurances their private information will be protected. In fact law-enforcement agencies could go after Americans for crimes that have nothing to do with cybersecurity based on information companies give to the government.

At the same time that the bill creates a new way to collect Americans' information without a warrant, the bill also gives corporations blanket immunity for providing information to the federal government, and would prohibit that data from being used to police those corporations. I do not agree that corporations' privacy is more important than individuals' privacy. And I do not agree that the best way to improve cybersecurity is to make it harder for individuals to sue these corporations.

This week the Wall Street Journal Editorial Board asked if I had any suggestions to protect against hacks of government-held information.
The way to address this threat, with regard to OPM and other government-held data, is to ensure that federal agencies receive the funding and expertise necessary to develop and implement robust security programs, and to ensure that these agencies have the technical and administrative controls that they need to combat a wide variety of cybersecurity threats.

It is also important for the US to invest in the education of the next leaders in cybersecurity, and to recruit and retain a strong federal cybersecurity workforce by ensuring that cybersecurity professionals can find opportunities and career paths in government that are as rewarding as those in the private sector.


Source
arrow_upward