Cyber Bill Won’t Prevent Attacks But ‘Minimizes Data Loss’
Senate Intelligence Committee Chairman Richard Burr (R-N.C.) said the cyber security bill would “minimize data loss” rather than prevent cyber attacks.
Under the Cyberthreat Information Sharing Act, the federal government would have the authority to “push out” information to businesses regarding an ongoing attack. As part of the bill, Burr said the government could inform businesses about the software needed to limit the loss of data from a cyber attack.
“It’s amazing we found out as we went through this process that authority does not exist within the government today so it will become statutory,” he said.
Information Technology directors at private companies would be able to share forensics information with the government as well.
“This is a bill designed to minimize data loss. We don’t portray that anything in this bill stops you from being targeted and penetrated but it makes our response time as long as we keep the process in real time, it keeps the process to where we can minimize the overall data lost from any attack tool and any country or individual that wants to commit it,” Burr said at the U.S. Chamber of Commerce.
“I’m convinced today that we could put more 10 more privacy provisions in and the privacy community would still be opposed to this,” he added.
The Intelligence Committee’s ranking member, Sen. Dianne Feinstein (D-Calif.), said privacy advocates would not be pleased with the bill regardless of any further changes to the legislation.
“We are satisfied at this stage that the bill prevents the transmission of private personal information as much as is possible,” she said at the summit. “You obviously have to know or be able to ascertain or see that that information is there to be able to discard it before the cyber threat transfer is made. We believe it’s workable. We believe it’s doable.”