A bill that would establish security standards to prevent large-scale cyberattacks on the nation’s critical infrastructure — including water supplies and the electrical grid — failed in the Senate on Thursday despite strong endorsements from top military and national security officials.
Senators voted 52 to 46 in favor of the bill, coming up short of the two-thirds majority necessary to advance it to a final vote. The GOP filibuster further stalls years of bipartisan efforts to establish stricter security standards and, some experts say, could leave the nation vulnerable to widespread hacking or a serious cyberattack.
“This is one of those days when I fear for our country, and I’m not proud of the United States Senate,” Sen. Joseph I. Lieberman (I-Conn.), one of the bill’s chief sponsors, said before the vote. “We’ve got a crisis, and it’s one that we all acknowledge. It’s not just that there’s a theoretical or speculative threat of cyberattack against our country — it’s real.”
In hopes of moving the bill forward, the White House and Democratic and Republican sponsors of the measure had agreed to weaken the proposal by making stricter security standards voluntary, instead of mandatory, for the large private firms that control most of the nation’s infrastructure.
On Wednesday, Gen. Martin Dempsey, the chairman of the Joint Chiefs of Staff, and John O. Brennan, the White House counterterrorism adviser, voiced support for the measure. President Obama wrote a rare op-ed, in the Wall Street Journal, in favor of the bill, in hopes of garnering enough votes.
But even voluntary standards are strongly opposed by many in the business sector. The U.S. Chamber of Commerce, which made a big push against the bill, threatened to track how lawmakers voted on the measure in its influential annual assessments.
In a statement, the White House blasted Thursday’s vote. “Despite the president’s repeated calls for Congress to act on this legislation . . . the politics of obstructionism, driven by special interest groups seeking to avoid accountability, prevented Congress from passing legislation to better protect our nation from potentially catastrophic cyber-attacks,” White House press secretary Jay Carney said.
The challenge surrounding cybersecurity is that most of the nation’s vulnerable systems — the computer networks that run the nation’s power, water, transportation and communications — are overseen by the private sector.
Republican critics of the bill argued that any cybersecurity standards — whether mandatory or voluntary — would place a financial strain on private companies. They say government intervention is not necessary on this issue.
The legislation also included a provision that would encourage the sharing of cyberthreat data between government and industry. House lawmakers, who have passed a cyber-information-sharing bill, urged the Senate to follow suit.
“This can’t be the end of the story,” House intelligence committee Chairman Mike Rogers (R-Mich.) said of the vote. “The Senate needs to get back to work . . . and pass an information-sharing bill.”
Congress is scheduled to leave Friday for a month-long recess, and supporters could not immediately say when the issue might be brought up again for a vote. Sen. Harry M. Reid (D-Nev.) voted against the measure, reserving the right as majority leader to reintroduce it at a later date.