The Cybersecurity 202: Republicans and Democrats are feuding over the Equifax breach

[The AchieVer]

THE KEY

Republican leaders of the House Oversight Committee released a scathing report about the Equifax data breach on Monday morning, detailing a series of security failures that preceded the 2017 compromise of 140 million Americans’ personal information.

A few hours later, committee Democrats released a competing report about the consumer credit reporting agency, lashing out at their Republican colleagues for not demanding new cybersecurity laws to prevent the next major data breach.

The competing reports highlight how cybersecurity, which was once considered a largely bipartisan topic, has been infected by partisan conflict.

The feud also underscores the supreme difficulty of reaching bipartisan consensus in cybersecurity: The fact that the parties can’t even agree on how to properly condemn Equifax makes it seem even less likely that they will be united on how to tackle more complex challenges that have serious political implications, such as election security or protecting the power grid.

Aspects of the cybersecurity debate “are more partisan than they ever were before,” Daniel Schuman, a former congressional staff member who is now the policy director at the liberal advocacy group Demand Progress, told me.

In other ways, though, cybersecurity has always been more partisan than it seemed, Schuman said. That’s especially true when cybersecurity intersects with other issues that can be more partisan — such as how much money the government should spend and how actively it should regulate private industry.

The dueling reports highlight these differences.

The Democrats’ Oversight report called for new laws that would raise financial penalties for data breaches, simplify how consumers are notified about breaches and boost federal regulators’ cybersecurity efforts. The Republican report hit many of the same issues — but urged government cooperation with the private sector rather than mandates.

The Democratic report proposed broadening the Federal Trade Commission’s regulatory power over credit ratings agencies, such as Equifax, for example, while the Republican report simply urged studying those regulatory powers.

“The sides have essentially come to different conclusions about the role of government in cybersecurity,” Jacob Olcott, a former cyber staffer in both the House and the Senate, told me. “The Republican members put out a very comprehensive analysis of the event. … and the Democratic version of the report is: ‘We sat through the same meetings and here’s what we think should be done.' ”

The partisan cyber divide isn’t isolated in the Oversight Committee. 

A staffer on the House Homeland Security Committee, which is among the most cyber-focused in Congress, told me the committee generally manages to stay nonpartisan when working on issues such as how the Department of Homeland Security helps protect other federal agencies' computer networks. 

When it comes to new regulations or raising budgets, however, the parties are far apart, the staffer told me.

The divisions aren’t new, either, Paul Rosenzweig, a former House investigations counsel and Bush administration cyber official, told me. 

“My view is that the era of bipartisan agreement on cybersecurity is mostly myth,” said Rosenzweig, a senior fellow at the R Street Institute think tank. 

“The Democrats have always had a more mandate-oriented, regulatory-based view of how to approach this,”  Rosenzweig said.

Meanwhile, “you’d be hard-pressed to find any Republican who would vote for any security mandate as opposed to a security standard,” he said.

Those divisions could be overcome by a major catastrophe, such as a cyberattack against the energy grid or financial sector, Rosenzweig told me. Unfortunately, the highest-profile digital strike against the United States targeted the 2016 election, which automatically put it in a partisan frame, he said.  

One difference that has emerged during the past two years is that cybersecurity has become a partisan football as Democrats criticize President Trump for allegedly making calls on an unsecured iPhone and other topics, Schuman told me.

That partisan acrimony can bleed into other topics and make the cyber divisions even worse, he said.

“The tech stuff gets all mushed together, so you do have some weird lines being drawn in a way that doesn’t make a lot of sense,” Schuman said.

 

Source

[nir]

Feuding is the constant  Issues change.