Home / / Cyber Bill okayed by US Senate committee; faces uphill struggle

Cyber Bill okayed by US Senate committee; faces uphill struggle

Privacy concerns over information-sharing proposal may stymie move to protect critical infrastructure

In the Middle East, security vendors have increasingly turned to big data and analytics as a means to progress the fight against cyber incursions.
In the Middle East, security vendors have increasingly turned to big data and analytics as a means to progress the fight against cyber incursions.

The US Senate Intelligence Committee yesterday cleared a Bill designed to spur information sharing among the public and private sector in a bid to protect critical infrastructure against cyber attacks, Reuters reported.

FEATURE: Security advice from an ex-CIA cyber master

The legislation still must be approved by a full vote in the US Senate and must be adjusted to mesh with a Bill that passed the House of Representatives in April. Already concerns have emerged among lawmakers of possible privacy violations, an issue made more sensitive since ex-NSA contractor Edward Snowden leaked details of secret surveillance programmes.

"Cyber attacks present the greatest threat to our national and economic security today, and the magnitude of the threat is growing," said committee chairwoman Dianne Feinstein, a California Democrat and co-author of the Bill with Vice Chairman Saxby Chambliss, a Georgia Republican.

FEATURE: Security advice from an ex-CIA cyber master

"This bill is an important step toward curbing these dangerous cyber attacks."


Robert Bigman, former chief information security officer at the CIA and current private-sector IT security consultant, warned Dubai conference delegates that one of the main barriers to effective SIEM (Security Intelligence and Event Management) systems was the standardisation of information sharing.

FEATURE: Security advice from an ex-CIA cyber master

Bigman was speaking at the Gulf Information Security Exhibition and Conference (GISEC), held at the Dubai World Trade Centre in June.

In the Middle East, security vendors have increasingly turned to big data and analytics as a means to progress the fight against cyber incursions now that the cyber security industry has accepted the premise that intrusion prevention systems (IPS) are no longer an effective means of protection. But the information-sharing requirements of such solutions stand in the way of their operation.

FEATURE: Security advice from an ex-CIA cyber master

"In the US government we can't even agree on the standard for how to share the data," Bigman said. "The idea that we are all someday just going to collectively start sharing data without any restrictions and move it transparently across organisations and governments... I would love to see that; it would be wonderful. But it's not going to happen."