Earlier this year, the House proved yet again that it doesn’t care about your privacy by passing CISPA. The controversial cybersecurity bill would let the government and private companies easily share information to counter cyber threats. Now the Senate has finally gotten around to drafting its own legislation, but it’s nothing like CISPA. It’s not like it matters though.
So, who would be creating these standards? As it stands, the bill tasks the National Institute of Standards and Technology to create “voluntary cybersecurity standards and best practices for critical infrastructure, such as banks and power plants.”
The bill doesn’t stop there, however, as it would also help improve research and education relating to cybersecurity. The latter is especially important as many people still aren’t aware of just how much malware is on the Web.
As you can see, the proposed bill contains nothing about information sharing. That doesn’t mean the Senate doesn’t want to pass its own version of CISPA though. Sen. Jay Rockefeller, who just so happens to be the chairman of the Committee for Commerce, Science and Transportation, says he would support legislation that enabled information sharing. That won’t come until later down the road, however, and the Senate bill will probably once again look different from the House’s CISPA.
But I digress, cybersecurity standards are incredibly important, and its encouraging to see the Senate only make them voluntary. It’s not like I don’t have faith in the National Institute for Standards and Technology, but mandatory standards are rarely a good thing when it comes to technology. The ever changing nature of it requires people that actually know what they’re doing to apply new standards as new threats emerge.