BREAK IN TRANSCRIPT
Mr. THORNBERRY. I appreciate the gentleman from Florida for yielding to me.
I rise in support of the rule and the cyber bill that it brings to the floor, as well as the other cyber bills which the House will consider today and tomorrow.
Let me begin, Mr. Speaker, by acknowledging the leadership of the Speaker and majority leader for setting up a process for a thoughtful examination of the many issues related to cybersecurity. They recognize that not only is it a significant national security threat, it's a threat to our economy and to jobs. But at the same time, what we are trying to protect, at least 85 to 90 percent of it is owned and operated by the private sector. So one has to tread carefully in this area, and we have tried to do so with the limited legislation that is before the House today and tomorrow.
I also want to thank the members of the House Cybersecurity Task Force, who put in a great deal of time and expertise in sorting through these issues and making recommendations: Mr. Aderholt, Mr. Chaffetz, Mr. Coffman, Mr. Goodlatte, Mr. Hurt, Mr. Latta, Mr. Lungren, Mr. McCaul, Mr. Murphy, Mr. Stivers, and Mr. Terry. Of course, a number of Members have worked on these issues for several years, including a number of those I've just mentioned, as well as Mr. Langevin, Mr. Ruppersberger, people on both sides of the aisle.
Finally, I also want to take a second to thank the staffs of the various committees who have worked on this issue, as well as Josh Martin and Michael Seeds of my office, as well as Jen Stewart, the Speaker's national security adviser, whose guidance on substance and process was invaluable.
Mr. Speaker, we will have ample opportunity to debate the merits of the individual pieces of legislation, but I think it's important at the beginning just to step back and say: Why all this hubbub about computers? What does all that mean?
Well, I think we should start with the point that cyber--and that includes networks that are connected to the Internet and networks that are not connected to the Internet--but cyber is deeply ingrained in virtually every facet of our lives now, from the time we get up until the time we go to sleep and all the times in between. We very much depend on cyber, and anything you very much depend on can, and often does, become a vulnerability.
We know of at least three different kinds of vulnerabilities these days. People can reach through the Internet and steal information which businesses, large, medium, and small, have produced. It happens every day in this country. Intellectual property is ripped out of the possession of those who produce it. And every time people steal information, they cost us jobs; they are stealing jobs as well. So our economy is directly affected by the difficulty in protecting the information that we, as individuals and businesses, store on our computers.
In addition to that, though, information can be destroyed on our computers or it can be manipulated, or the computers themselves can be manipulated so that what we intend to do or what we want to do is not possible. If, for example, you have a lot of bank records that are destroyed or other such important records, then it can have a huge effect on our economy as well as our security.
But going beyond stealing information, destroying information, we now know it's possible to reach through the Internet and other networks to have physical consequences in the real world, to flip a switch, to open a valve. It's the sort of thing that happened with the Stuxnet virus in Iran. But there are physical
consequences to doing so. So that's part of the reason that people talk about the electricity grid going down, a whole city being poisoned by its water supply, chemical plants releasing emissions that they don't intend to release, physical consequences.
Real death, potentially, and destruction can occur all because of things going on the Internet. That's the reason a lot of people talk about a cyber 9/11 or a cyber Pearl Harbor.
I know it's tempting to think all that's hype, but the truth is that over the past decade--and especially over the past couple of years--the number and sophistication of threats has grown much more rapidly than our ability to respond. And it's especially our laws and policies that have not kept up with the growing sophistication of threats.
So the bills that we have before us this week, four of them, try to begin to take a step to close that gap between the growing threat and laws and policies. They don't solve all the problems, they don't try to, but they are a step in the right direction.
The SPEAKER pro tempore. The time of the gentleman has expired.
Mr. NUGENT. I yield the gentleman an additional 1 minute, if he needs it.
Mr. THORNBERRY. I appreciate the gentleman yielding.
I would just point out two other things, briefly:
One is, again, one criticism one hears is that, well, you don't solve this problem or that problem, and that is absolutely true. These bills, all four of them, don't solve all the problems in cyberspace. But we shouldn't let the pursuit of the perfect answer prevent us from accomplishing some significant steps in the right direction, and that's what these bills do.
The second point I'd make, as the gentleman from Florida mentioned, is three of these bills were reported out of committee by voice vote. The information-sharing bill was reported out 17 1. I believe that it has been made better since then. New protections are there. A host of restrictions on how the information can be used and privacy protections have been added and will be added with the amendments to come.
So I think this deserves the support of all Members on both sides of the aisle, and Members on both sides of the aisle should take credit for taking a step to make our Nation more secure.
BREAK IN TRANSCRIPT