Congress and cybersecurity

By U.S. Sen. Angus King
(I-Maine)

    We live in one of the most technologically advanced societies in the world; and while that technology allows us to share information and connect with each other faster than ever before, it also opens us up to potential attacks from hackers, foreign adversaries, and other cyber-criminals.

    For example, a cyber-attack on our industrial control systems used to regulate water management, oil and gas pipelines, electrical power distribution, and mass transit would be devastating. These threats are real, they are very serious, and they must be addressed.
    One Maine healthcare provider we spoke with spends about a million dollars each year to fend off daily attempts to steal confidential data. Another Maine financial institution estimates that nearly 70 percent of the emails they receive represent an attempt to compromise their security systems.
    According to the Maine Credit Union League, over the past year data breaches in Maine have cost credit unions around $2 million to replace payment cards and an additional half a million for covering fraud.
    We simply cannot afford the status quo any longer. It’s time for Congress to get off the sidelines and into the game by enacting cybersecurity legislation to more rapidly identify and respond to these threats.
    In July, the Senate Intelligence Committee passed the Cybersecurity Information Sharing Act (CISA) by a vote of 12-3. This bipartisan bill, which I supported, would allow companies to share cyber-threat information and defensive measures, provide liability protection for sharing that information, and require companies to remove personally identifiable information from cyber-threat-related material before sharing it with the government.
    Passing this legislation would be an important step toward improving our ability to detect and respond to cyber-intrusions. But it’s going to take more than government action to protect us from hackers and criminals. We need active engagement from businesses and other community organizations. Luckily, we have a shining example of that engagement here in Maine.
    The University of Maine System was recently recognized by the National Security Agency (NSA) and the U.S. Department of Homeland Security (DHS) for its efforts to educate and train the next generation of cyber-experts who will help protect our economic and national security.
    UMaine is the first public university system to be named  a National Center of Academic Excellence in Information Assurance/Cybersecurity, highlighting just how much they have to contribute to this important mission.
    I had the honor of recognizing this achievement in Portland earlier this fall when I toured the Maine Cyber Security Cluster located at the University of Southern Maine. UMaine’s impressive network of labs – and the students who are honing their skills there – will prove to be an invaluable resource as we work to shore up our nation’s cyber defenses.
    Ultimately, this isn’t a fight the government or the private sector can win alone – we need to work together to combat these very real and very grave cyber-threats facing our community.