March 17, 2010 - Eric Chabrow

The odds of a major cybersecurity bill reaching President Obama's desk before year's end improved a bit Wednesday. Still, it's a long shot that any cybersecurity legislation will become law in 2010.

Sen. Jay Rockefeller, the West Virginia Democrat who chairs the Senate Commerce, Science and Transportation Committee, announced the panel would review in a markup session next Wednesday, March 24, the renamed Cybersecurity Act of 2010, S. 773. Most markups - where the committee reviews a bill's text and consider amendments - end with a committee vote to send the revised version of the bill to the full Senate for consideration. That's a significant step forward. Since the 111th Congress began in January 2009, no major IT security legislation has made it to the Senate floor.

Rockefeller and Sen. Olympia Snowe of Maine, the ranking Republican on the committee, released Wednesday a substitute amendment for their bill that calls for, among other things, the administration and private sector to collaborate in developing processes in which critical IT systems could be shuttered in the event of a national emergency, shutting off at least some traffic over the Internet.

Still, revising a bill and scheduling a committee vote does not, on its own, make a law. Plenty of obstacles remain, including other cybersecurity bills before the Senate. Among them are the House-passed Cybersecurity Enhancement Act, which has some overlap with the Rockefeller-Snowe bill and has been assigned to their committee, and the United States Information and Communications Enhancement Act, or U.S. ICE, a bill sponsored by Sen. Tom Carper, D.-Del., that would update the Federal Information Security Management Act. Sen. Joseph Lieberman, I-Conn., who chairs the Senate Homeland Security and Governmental Affairs Committee, has promised to introduce a comprehensive cybersecurity measure.

If a cybersecurity bill ever gets brought up for a Senate vote, it probably will be an amalgam of all these measures, shepherded through the upper chamber by Senate Majority Leader Harry Reid of Nevada. And, assuming it passes, the measure would then need to go to the House of Representatives for its blessing before being sent to the Oval Office for the president's signature. With Congress obsessed with healthcare insurance, banking reform and jobs, and the fall election season rapidly approaching, will lawmakers have the time and energy to address cybersecurity this year?

There's a lot of ifs in this equation, and my guess it's a bet many bookies would love to take.