Earlier this week, Reuters obtained a draft copy of a bill circulating around Capitol Hill which would give the president the power to declare an emergency in the case of a major online attack. The bill could force certain businesses to enhance their cyber defenses and open themselves to greater scrutiny by the Federal Government. Specifically, the bill would allow the president to declare an emergency if there is an imminent threat to the U.S. electrical grid or other critical infrastructure (such as the water supply or financial network) because of a cyber attack.
Entire industries, companies or portions of companies could be temporarily shut down, or be required to take other steps to address the situation. The emergency declaration would last for 30 days, unless the president renews it. However, it cannot last more than 90 days without action from Congress.
This piece of legislation will be interesting to watch. On one hand, many experts believe cyberspace is the battleground of the not-so-distant future. With most of the nation’s critical infrastructure in the private sector, effectively preventing and responding to attacks is desirable. However, any time the Federal Government ordains itself with the power to seize control of a private sector business, people get nervous (including the very vendors from which the government buys).
This story highlights the growing interweaving of government, commercial concerns, citizens and technology. Don’t expect this debate to end anytime soon.
- Cyber Command Director: U.S. Needs To Secure Critical Infrastructure (informationweek.com)
- You: Cyberwar Chief Calls for Secure Computer Network (nytimes.com)
- Exclusive: Cyber bill would give U.S. emergency powers (reuters.com)