This story was updated Thursday, March 8, 2012, at 3:15 a.m.
Senior administration officials briefed lawmakers Wednesday on what would happen if the systems that run the nation’s critical infrastructure came under a cyber attack.
A National Security Council spokeswoman said John Brennan, the deputy national security advisor for homeland security and counterterrorism, was among an interagency team briefing the Senate.
“The classified scenario is intended to provide all senators with an appreciation for new legislative authorities that would help the U.S. government prevent and more quickly respond to cyber attacks,” the spokeswoman said.
Along with Brennan, Hill sources say Gen. Keith Alexander, director of the Defense Department’s Cyber Command; Ashton Carter, deputy secretary of Defense; Department of Homeland Security Secretary Janet Napolitano; Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff; James Cole, deputy attorney general; Stephanie O’Sullivan, principal deputy director of national intelligence; Howard Schmidt, cybersecurity coordinator at the White House; Cam Kerry, general counsel of the Commerce Department; Thomas D’Agostino, under secretary for nuclear security and administrator, National Nuclear Security Administration; Chris Painter, coordinator of cyber issues at the State Department; and FBI Director Robert Mueller participated in the discussion.
The briefing came as senators are at odds over the approach to improve the cybersecurity of critical infrastructure.
“Only Congress can modernize our underlying laws and give us the full range of tools our cybersecurity professionals need to more effectively deal with this growing and increasingly sophisticated threat, including risk-based performance standards to ensure the nation’s most vital of critical infrastructure systems meet a baseline level of security,” the NSC spokeswoman said.
Sens. Joseph Lieberman (I-Conn.), Susan Collins (R-Maine) Jay Rockefeller (D-W.Va.) and Dianne Feinstein (D-Calif.) introduced the Cybersecurity Act of 2012 in February. It would give DHS a more prominent role in working with operators and owners to develop cybersecurity standards. It also would require the critical infrastructure owners to self-certify or receive a third-party certification that they meet federal cyber standards.
Sens. John McCain (R-Ariz.), Kay Bailey Hutchinson (R-Texas) and six others introduced a competing cybersecurity bill last week, called the SECURE IT Act. The authors of this bill say their approach is more collaborative and less regulatory. McCain and others want to create incentives for critical infrastructure operators to share threat information with one another and with federal agencies.
Rep. Mary Bono Mack (R-Calif.) is expected to introduce a House version of the SECURE IT Act this week.
There is no companion bill in the House for the Cybersecurity Act of 2012. Rep. Dan Lungren (R-Calif.) introduced a cyber bill that takes into account some of what the Senate proposed. His bill, called the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act of 2011, would designate DHS as the single focal point for protecting federal networks and systems as well as for private sector critical infrastructure.
This story is part of Federal News Radio’s daily Cybersecurity Update. For more cybersecurity news, click here.