Senate Commerce panel unveils cybersecurity bill

ADVERTISEMENT
The draft bill would task the National Institute of Standards and Technology (NIST), a Commerce Department agency, with developing voluntary cybersecurity standards and best practices for critical infrastructure, such as banks and power plants. 

The legislation also aims to improve cybersecurity research, education and public awareness.

A sticking point last year for Senate Republicans was a provision in the cybersecurity bill that would have given the Department of Homeland Security the authority to enforce mandatory cybersecurity standards for critical infrastructure. Backers of the legislation, including Rockefeller, argued the mandatory standards were necessary to protect vital systems from hackers, but critics considered them harmful overregulation. 

Revisions last year to make the standards voluntary failed to win over the bill's opponents.

The Senate is expected to work on several separate cybersecurity bills this Congress through the normal committee process, as opposed to the single comprehensive bill that was brought directly to the Senate floor last term.

Rockefeller would support legislation to improve information sharing between the government and private sector on cybersecurity, the committee aide said. But that issue would likely be handled by the Senate Intelligence Committee.

Earlier this year, the House passed its own cybersecurity bill, the Cyber Intelligence Sharing and Protection Act (CISPA), which focused only on information sharing and did not include any security standards.