In his three decades in Washington Senator Jay Rockefeller (D-West Virginia), the chairman of the Committee on Commerce, Science, and Transportation has seen threats, great and small, visited upon the United States. Last month Rockefeller announced his retirement from the Congress in 2014. But before he leaves Washington he is waging a final crusade against a national security threat he argues is as sinister as an al-Qaeda conspiracy: cyberterrorism.
At a moment when reported lobbying spending in Washington has slowed, the national panic over cybersecurity has turned into a multi-million dollar jackpot issue for K Street. In recent months hackers have gone after high value targets, setting off cyber-emergencies with attacks on telecommunication providers, major news outlets like the New York Times and even, more perilously, the Fed. With public and private interests scrambling to meet threats that have the potential to paralyze the nation, the kind of legislation Rockefeller has been pushing, combining public-private intelligence sharing with new Federal guidelines to combat cybercrime and cyber-espionage, has gained traction. The result: ten years ago cybersecurity barely registered as a factor in D.C., with only four firms lobbying in that area. By 2011 1,500 companies were advocating on the issue.
Last month Senate Democrats reintroduced a bill, the Cybersecurity and American Cyber Competitveness Act, S. 21, that had failed in the last Congress. Fronted by Sen. Rockefeller, the bill draws up voluntary guidelines for heightening cybersecurity protocols among businesses involved in what are deemed to be national and economic security activities such as banking, defense and utilities. Rockefeller’s bill never made it out of the last Congress because of opposition from the U.S. Chamber of Commerce. What scared the Chamber and its member businesses was the prospect that cybersecurity protocol upgrades would come down from Washington as high cost mandates. Indeed the most stringent legislation bandied about in Washington last year would have forced companies to spend almost fifty billion dollars on enhanced software security, a nearly nine-fold increase from current out-lays on anti-hacking firewalls.
Rockefeller’s bill, with its renewed emphasis on voluntary compliance and “partnered” data sharing on cyber threats, appears to have resolved many concerns among business leaders about keeping down costs while protecting proprietary systems, and its prospects for passage in this Congress are somewhat improved, if by no means assured.
Not surprisingly, tech companies that stand to benefit financially from building the technology to implement cybersecurity upgrades are fielding their own bench of lobbyists—and their message is more mandates, more reform. Among these heavy hitters are software giants Cisco and Oracle. Google is also out there, employing eight lobbyists to advocate for the Cyber Intelligence Sharing and Protection Act (CISPA), a bill that would pull down legal barriers that prevent companies from sharing information about cyber threats. Other supporters of CISPA include IBM, Verizon, Microsoft and Facebook. Like the Rockefeller bill, CISPA is taking heat from cyber-privacy advocates, who have launched activist campaigns on the web highlighting what they see as government overreach, and corporate irresponsibility with their users’ personal data.
In a recent speech the out going Secretary of Defense, Leon Panetta, tore into Congress over its failure to pass any meaningful cybersecurity legislation. Cyber crime, Panetta reiterated, is well on its way to becoming the national security nightmare of the 21st century. But for all of the alarms sound by Rockefeller and others there is no guarantee that, in the absence of 9/11 type incident, the public cares enough about cyber issues to force a divided Congress to negotiate a comprehensive bill. It is just too soon to tell whether Rockefeller’s bill has assuaged business anxieties enough to be in the running. For lobbyists, on the other hand, the force and intensity of this debate, and the deep-pocket power of the major players, has produced just the kind of push and pull that keeps K street humming.
