Tech Support

Is the U.S. Congress Capable of Passing Cyber Security Legislation?

Power Substation outside Denver, COProbably not, barring a major crisis. Until then, Americans will have to rely on vendors’ voluntary efforts to keep the national infrastructure safe.

25 Vulnerabilities in U.S. Power and Water Systems

Last fall, researchers found over two dozen cyber vulnerabilities in the software running the "critical infrastructure systems of the United States.

What do we mean by critical infrastructure, exactly? The Patriot Act defines that phrase as the "systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of [which] would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters."

Water and power definitely qualify.

The weaknesses were discovered in the Supervisory Control and Data Acquisition (SCADA) systems that vendors use to administer U.S. power substations and water systems. Attackers exploiting these could, for instance, "crash a system or send the master server into an infinite loop, preventing operators from monitoring or controlling operations" (source). That’s just one example.

This is not an unanticipated problem. Two years ago (2011), Director of Symantec Global Intelligence Network Dean Turner said that "businesses and governments around the world should be very aggressive in their efforts to promote and coordinate protection of critical industry cyber networks."

More recently, Matt Rhoades, director of the cyberspace and security program at Truman National Security Project, floated the idea of passing legislation to do just that.

To make his case, he simulated a series of crises in which “a major cyberattack hits two generators in Florida on 4 April 2015, disrupting power in Coral Springs and St. Augustine, Florida; leading to multiple deaths and millions of dollars lost. A month later, Congress is tasked with presenting a bill to the president to fix the vulnerability, but political gridlock, media histrionics, and aggressive lobbying from industry makes passage of a bill unlikely.”

In the end, however, "Rhoades told Defense One that it seems unlikely that Congress will pass a major bill on cybersecurity without a crisis" (emphasis ours).

What kind of crisis would that take?

Good question.

Security matters. That’s why Netop lets you set granular permissions for hundreds to thousands of vendors, so no one can perform an operation that you didn’t authorize. Click to learn more.


November 16, 2017 at 3:16 PM
In "Financial Services", "Financial Technology", "Government Technology", "Health Technology", "POS", "Remote Support", "Network Security", "Customer Service", "GDPR Compliance", "Industrial Technology", "Retail Technology"
August 9, 2017 at 4:23 AM
In "POS", "remote vendor access", "Remote Support", "Secure remote access", "Network Security"
July 7, 2017 at 10:38 AM
In "data breach", "Financial Services", "Financial Technology", "Government Technology", "Health Technology", "network security", "POS", "pos security", "Remote Support", "Retail Network Security 2017", "Network Security", "Cybersecurity", "data security", "Industrial Technology", "IT Security", "retail network security", "Retail Technology"

Subscribe to Email Updates


Birkerød, DK
Portland, OR, US
Bucharest, RO
Manila, PH

Americas: +1 866 725 7833
Worldwide: +45 8987 4424

Our Tweets