Cyber-focused industry groups could well be happy with the incoming chair of the Senate Homeland Security and Governmental Affairs Committee.
Sen. Ron JohnsonRonald (Ron) Harold JohnsonLiberal group launches campaign urging Republicans to support Biden's agenda Domestic extremists return to the Capitol GOP senator: Buying Treasury bonds 'foolish' amid standoff over debt ceiling, taxes MORE (R-Wis.), as expected, will head the panel come January, giving him a great deal of influence on next year’s cybersecurity agenda.
Senate Republicans on Monday revealed their committee assignments for the next Congress, when the GOP will become the majority party after a nine-seat gain in the 2014 midterm elections.
If Johnson's past comments on the cybersecurity issues are any indication, his agenda will focus on moving legislation to facilitate industry-driven cyber standards and providing legal protections for companies wanting to share information.
That dovetails well with what industry groups have called for from Congress over the last year. They've insisted a legal safe harbor is needed before the public and private sector can exchange information necessary to defending critical infrastructure.
Johnson was widely expected to be tapped as the next Homeland Security chair, which holds sway over much of the cybersecurity legislation that passes through Congress. The Wisconsin Republican has said cyber will remain a top priority for the committee when he takes over.
In 2014, Homeland Security was behind much of the late flurry of cyber bills that the lame-duck Congress actually passed. Generally, the bills codify the cybersecurity roles at different government agencies.
The bills will also expand the Department of Homeland Security’s (DHS) role in protecting government agencies from data breaches while bolstering the department’s ability to hire and train a cyber workforce.
Johnson has shown wariness of the DHS’s cyber capabilities in the past.
“The very idea of placing DHS at the helm on cybersecurity should concern every American,” he wrote in a March 2012 op-ed for The Hill. “DHS has been cited numerous times for inefficiency and waste.”
Government agencies should not be in charge of creating any cybersecurity standards for businesses, Johnson argued.
“I do not believe this is the right strategy because I have little faith in the ability of the federal government to be the leader on cybersecurity,” he said.
Johnson believes standards must be industry-driven.
“The federal bureaucracy simply cannot compete with the private sector’s expertise and dexterity in identifying and implementing effective solutions,” Johnson argued in a July 2012 op-ed for Politico that was co-authored with Sen. Saxby Chambliss (R-Ga.).
“Washington should facilitate — rather than dictate — cybersecurity,” the senators wrote.
Johnson has co-sponsored legislation to that effect.
A 2012 bill, the Secure IT Act, would have shielded companies sharing cyber info from “frivolous lawsuits,” he said in The Hill op-ed.
The bill was also meant to remove “legal roadblocks that prevent the private sector and government from sharing cyber threat information.”