I recognize the polarization in Washington but I always believed that when it comes to national security, logic and common sense would always trump partisan politics. Now that I’ve been involved with cybersecurity legislation for the past 2 years, I realize how naïve and idealistic this belief is.
While many of us were enjoying our summer vacations, Senate Republicans blocked the latest version of the Lieberman/Collins Cybersecurity Act of 2012. The final tally was 52 opposed/46 in favor and the voting was largely along party lines.
I have to give the Republicans a bit of credit for their political maneuvering. Forget about press statements about why they blocked this bill (i.e. too much government regulation, bad for business, etc.). The grand-old party pushed back on cybersecurity for one reason – the President supports it. Additionally, President Obama promised decisive action of cybersecurity during the 2008 campaign.
The Republicans put themselves in a no-lose position. With no cybersecurity legislation now likely, Mitt Romney can point to cybersecurity as another promise that the President didn’t deliver. If Mr. Obama pushes through cybersecurity mandates as an executive order (highly unlikely), Romney and the boys can play the “big government,” “socialist,” and “bad for business” cards.
Yup, a brilliant game of chicken from a political perspective, but this gamesmanship burdens the rest of us with an increasing amount of cybersecurity risk. Just this week, Kaspersky Lab uncovered a sophisticated a new malware variant it named Gauss. It appears that Gauss came from the same place as other cyber weapons like Stuxnet, Flame, and Duqu. Someone is launching repeated cyber attacks on the Middle East and there is almost certain to be a response. Yet while Damascus, Tehran, and Tel Aviv are burning, the U.S. Senate continues to play its political fiddle.
I truly get the position that more ineffective bureaucracy won’t solve the problem, but if the Federal government won’t step in to protect its citizens, who will? Before the Nixon administration acted with environmental regulations, reputable American companies were spewing toxic chemicals into our air and water so Uncle Sam stepped in. In a perfect world, businesses would do the right thing but every few years they prioritize profits and greed over altruism. When this happens we get the financial industry meltdown of 2008 and while we scramble to find jobs and pay our mortgages, no one on Wall Street goes to jail.
The Cybersecurity Act of 2012 isn’t a perfect piece of legislation but let’s remember that it was the output of several years of work by the Homeland Security and Government Affairs Committee (HSGAC) in the Senate and received bi-partisan support. When it failed to gain full Senate support earlier this year, the HSGAC re-grouped and came up with a compromise bill which also had bi-partisan support. Now years of work are down the drain and our country faces grave cybersecurity risks.
It doesn’t matter if you think of yourself as a Tea-Party conservative or a bleeding heart liberal, none of us should be happy. We are all political pawns. A successful cyber attack on our nation’s power grid could devastate the economy, force a major regional evacuation, and consume massive FEMA resources. Does anyone really believe that political gains are worthy of this type of high-stakes bet?