WASHINGTON — One of the authors of an information sharing bill passed in the US House in April is asking industry for help getting the bill passed in the Senate.
Rep. Dutch Ruppersberger, D-Md., urged members of the defense industry attending a cyber seminar sponsored by the National Defense Industrial Association on Tuesday to help push the bill through.
“We’re asking you to join with us, to help us persuade the Senate to move forward,” Ruppersberger said. “What you should do as a small business is the same thing that you should do as a large business. Coming together and letting your elected representatives know how important this bill is, this is one of the biggest threats.”
The bill, known as the Cyber Initelligence Sharing and Protection Act (CISPA), mainly addresses the issue of government and industry exchanging information on threats. Companies would receive some legal protection for telling the government about what they are seeing — currently a problem because of liability concerns — and government would more easily be able to share threat data.
“Under our current law our intelligence community cannot really give information about the attacks to the other side, to the business community,” Ruppersberger said.
The bill has been stalled since its arrival in the Senate, where former Connecticut Sen. Joseph Lieberman tried for years to pass a comprehensive cybersecurity bill. His last attempt, shot down in late 2012, failed because of pressures from members of the business community who were concerned they’d be forced to spend money on cybersecurity, and by privacy advocates who thought that Lieberman’s plan might open the door to more government snooping.
But information sharing, the primary component of CISPA, may not be enough, said Fred Schwien, director of homeland security programs and strategy at Boeing.
Schwien, formerly an executive secretary at the Department of Homeland Security, said that even with information sharing, companies would be on their own in the cyber domain.
“Why don’t we as a company have air defense assets to defend against bombers coming to attack our plant?” Schwien said. “In many ways, if the government shares a lot of information with us, we’re kind of on our own. It is a sector where the private sector would be defending itself against nation states, and our Congress and public need to think through whether that’s what they want our companies doing.”
Ruppersberger said that his success in getting the bill passed in the house was dependent upon a similar plea to industry.
“I went to the business community and I said, ‘I need your help,’ ” he said.
But until the bill is passed, Ruppersberger said that cyberattack remains one of his biggest fears.
“What keeps me up at night is spicy food, weapons of mass destruction and cyberattack,” he said.