Cybersecurity legislation failed in Senate for a second time on
Wednesday despite calls from Defense Secretary Leon Panetta and other
national security officials for Congress to pass a bill.
A procedural motion to move forward on the Cybersecurity Act, introduced by Sens. Joe Lieberman (I-Conn.) and Susan Collins (R-Maine), was rejected in a 51-47 vote.
Wednesday's vote marks a bitter end for the cybersecurity bill and
kicks any legislative action on the matter on to next year. This is the
closest the Senate has gotten to passing major cybersecurity legislation
in recent years, and members from both parties had negotiated for months
to try to reach a compromise on the bill.
"The bill that was and is most important to the intelligence community was just killed, and that's cybersecurity," Senate Majority Leader Harry Reid (D-Nev.) said following the vote. "Whatever we do for this bill, it's not enough for the U.S. Chamber of Commerce. So everyone should understand cybersecurity is dead for this Congress. What an unfortunate thing, but that's the way it is."
The Cybersecurity Act would have encouraged companies that operate critical infrastructure — such as water plants, electric companies and transportation networks — to take steps to boost the security of their computer systems and networks. It also aimed to make it easier for industry to share information about cyber threats spotted on their networks with the government.
President Obama urged the Senate to pass the bill in a Wall Street Journal op-ed prior to the August vote, arguing that it "would be the height of irresponsibility to leave a digital backdoor wide open to our cyber adversaries." Wednesday's vote opens the door for the White House to issue the executive order it started crafting after the Senate bill failed in August.
Prior to the vote, Lieberman warned that the president would be compelled to issue the executive order if the Senate voted against moving the bill forward. But he noted that the cyber order would not accomplish everything that legislation could, including liability protection that would safeguard companies from legal action if they're hit by a cyberattack.
"I'm confident that if we fail to act, the president will act," Lieberman said. "I think he has a responsibility to act because if we don’t we’re leaving the American people extremely vulnerable to a cybersecurity attack.”
Earlier in the day, Reid issued a warning about the cyberthreat facing the United States.
"National security experts say there is no issue facing this nation more pressing than the threat of a cyber attack on our critical infrastructure," Reid said. "Terrorists bent on harming the United States could all too easily devastate our power grid, our banking system or our nuclear plants."
Senate Intelligence Committee Chairwoman Dianne Feinstein (D-Calif.), a co-sponsor of the cybersecurity bill, said she has received intelligence warning that cyberattacks are "increasing in number, sophistication and damage."
"This is a wakeup call and we ignore it at our own peril," she cautioned.
Sen. John McCain (R-Ariz.) said he believed the cybersecurity bill could move forward if Reid allowed around five amendments. Following the vote, Reid argued that he would have allowed a finite list of germane amendments from Republicans, including the five that they were seeking.
Republicans and Democrats failed to see eye to eye on how to beef up the nation's cybersecurity defenses, even after Lieberman and the co-sponsors of the Cybersecurity Act introduced a revised version of their bill to win more GOP votes.
McCain, Sen. Kay Bailey Hutchison (R-Texas) and a group of Senate Republicans had introduced a rival cybersecurity bill this spring, the Secure It Act, that focused on improving information-sharing about cyberthreats, but it did not include measures aimed at creating security standards for critical infrastructure. The GOP senators contended that improving information-sharing was the best approach because it would not tack additional regulations onto industry.
The co-sponsors of the competing bills had worked furiously this summer to try to find a compromise, to no avail.
Before the vote, Republicans senators argued that Reid was playing politics by trying to jam the sweeping cybersecurity bill through the Senate without holding an open amendment process. They also argued that industry still held legitimate concerns with the measure and it would not adequately address the rising cyberthreat.
"Frankly, the underlying bill is not supported by the business community for all the right reasons," said Sen. Saxby Chambliss (R-Ga.). "They're the ones that are going to be called to comply with the mandates and the regulations, and frankly it's just not going to give them the protection they need against cyberattacks."
Sen. Chuck Grassley (R-Iowa) pushed back against Democrats' claims that Republicans were threatening national security by not voting in favor of moving the bill forward, saying "disagreements over how to address policy matters shouldn't evolve into accusations about a member's willingness to tackle the issue."