Rockefeller’s Cybersecurity Act of 2010: A Very Bad Bill

May 4, 2010 – 12:43 pm  Richard Stiennon Bio | Email

Stiennon has been a white hat hacker for PricewaterhouseCoopers, VP Security Research at Gartner, and an executive at Webroot Software and Fortinet, Inc. He is founder and Chief Research Analyst at IT-Harvest.

There are a bunch of cybersecurity bills trickling through Congress right now; some of them several years in the making. Senator Rockefeller’s Cybersecurity Act of 2010(S.773) is deemed the most likely to get voted on by the Senate as it was just unanimously passed through the Senate Committee that he chairs, Commerce Science and Transportation.

It is time for the security industry to take a close look at this $1.82 billion bill as it contains some pretty drastic measures that are going to be very disruptive, and I believe detrimental.

The preamble, labeled “Findings” sets the stage with the dramatic language we have become familiar with:

As a fundamental principle, cyberspace is a

vital asset for the nation and the United States

should protect it using all instruments of national

power, in order to ensure national security, public

safety, economic prosperity, and the delivery of critical services to the American public.

Even though there is a definitions section, “cyberspace” is never defined in S. 773. And, setting aside the dangling participle, this is a rather broad declaration. All instruments of national power?

For the rest of this post, visit