Senate gets two more bipartisan cyber bills

Senate gets two more bipartisan cyber bills
© Greg Nash

Sen. Kirsten GillibrandKirsten GillibrandInternal Democratic poll: Desiree Tims gains on Mike Turner in Ohio House race Hillicon Valley: Facebook, Twitter's handling of New York Post article raises election night concerns | FCC to move forward with considering order targeting tech's liability shield | YouTube expands polices to tackle QAnon Democrats question Amazon over reported interference of workers' rights to organize MORE (D-N.Y.) discussed on Tuesday two new bipartisan bills to fight hackers.

“Our approach to cybersecurity so far has been certifiably wrong,” Gillibrand said during breif remarks on the floor. “We desperately need to modernize our cyber laws.”


Sen. Mark KirkMark Steven KirkThe Hill's Morning Report - Sponsored by Facebook - Senate makes SCOTUS nominee Barrett a proxy for divisive 2020 Senate Republicans scramble to put Trump at arm's length Liberal veterans group urges Biden to name Duckworth VP MORE (R-Ill.) is the lead on one of the bills, the Data Breach Notification and Punishing Cyber Criminals Act. The measure would raise punishments for hacking and require companies to notify customers within 30 days of discovering a data breach.

The other bill, the Cybersecurity Information Sharing Credit Act, would give companies a tax credit for sharing cyber threat data with other businesses in their industry. Sen. Jerry MoranGerald (Jerry) MoranLobbying world This World Suicide Prevention Day, let's recommit to protecting the lives of our veterans Hillicon Valley: Zuckerberg acknowledges failure to take down Kenosha military group despite warnings | Election officials push back against concerns over mail-in voting, drop boxes MORE (R-Kan.) is also backing the measure.

The bills “would help to modernize the way this country approaches cybersecurity,” Gillibrand said. “Congress needs to get with the times and realize that the Internet is no longer a new concept.”

Congress has made cybersecurity legislation a top priority in 2015, following a series of massive data breaches at companies like Anthem, Home Depot, Target and Sony.

Both chambers have been working to move a series of bill that would encourage industry to share more cyber threat data with the government.

Lawmakers built a broad, bipartisan consent for the measures. The House is expected to pass its efforts this week, and the Senate will likely vote on its companion piece, the Cybersecurity Information Sharing Act (CISA), in the coming weeks.

But legislators have been less successful with other cyber bills.

The Gillibrand-Kirk data breach notification bill is now the third iteration of Senate legislation introduced this year that would mandate some type of consumer notification following a data breach.

Sen. Bill NelsonClarence (Bill) William NelsonSenate Democrats want to avoid Kavanaugh 2.0 Democrats sound alarm on possible election chaos Trump, facing trouble in Florida, goes all in MORE (D-Fla.) has his own bill, which reflects a White House proposal. Sens. Tom CarperThomas (Tom) Richard CarperOVERNIGHT ENERGY: Democrats allege EPA plans to withhold funding from 'anarchist' cities | Montana asks court to throw out major public lands decisions after ousting BLM director | It's unknown if fee reductions given to oil producers prevented shutdowns Democrats allege EPA plans to withhold funding from 'anarchist' cities Energy innovation bill can deliver jobs and climate progress MORE (D-Del.) and Roy BluntRoy Dean BluntPower players play chess match on COVID-19 aid GOP to Trump: Focus on policy Low-flying helicopters to measure radiation levels in DC before inauguration MORE (R-Mo.) also released another version last week.

The Gillibrand-Kirk offering separates itself with language heightening fines and prison sentences for those found guilty of hacking.

Analysts and lawmakers admit there’s no clear route to passage for a data breach bill in the Senate. Some suspect backers might attach the measure to CISA when it hits the floor.

Gillibrand's other bill focuses on a specific portion of cyber threat data-sharing not addressed by CISA.

In addition to the tax credits, the bill would establish a network of industry-specific cyber info-sharing hubs. These hubs already exist in many sectors — financial, retail — but do not necessarily exchange data between sectors.

“We have the largest defense budget in the world by far but that hasn’t stopped our hospitals and banks from falling victim to a near constant barrage of attacks,” Gillibrand said. “We’re long overdue for a new national approach to cybersecurity.”

— Updated 3:30 p.m.