BREAK IN TRANSCRIPT
Mr. UDALL of Colorado. Madam President, I rise this afternoon in support of the bipartisan Cybersecurity Act of 2012, and I wish to share my concerns about the very real cyber threat facing our country. Most importantly, I rise to urge all my colleagues to move forward to the passage of this pending cyber security bill for the good of our national security. Top experts and respected members of both political parties have told us that time is wasting; we must debate and pass this critically important piece of legislation.
Cyber security policy is an issue with which I am deeply involved, given my seats on the Senate Intelligence Committee and the Senate Armed Services Committee. Moreover, Colorado's military and defense communities play a prominent role in defending our country, the United States, against cyber attacks.
The Air Force Space Command, located at Peterson Air Force Base in Colorado Springs, is responsible for protecting American space-based assets from network intrusions. The U.S. Northern Command, also located at Peterson Air Force Base, recently established a Joint Cyber Center to help provide on-demand cyber consequence response to civil authorities.
Multiple defense and technology industry companies based in Colorado also contribute hardware, software, and expertise to the effort to keep our networks and infrastructure secure.
Our Federal labs also conduct critical research into cyber security, most notably the National Institute of Standards and Technology, otherwise known as NIST, which is located in Boulder. They play a key role in helping establish cyber security standards.
The threats posed by cyber attacks have long been recognized, but we in the Congress have yet to act upon these threats in a comprehensive way. It is as if we see the danger in front of us, but yet we cannot find the courage to face it. But Congress cannot afford to wait for a 9/11-sized attack in order to act. Waiting for a catastrophic act--something military and intelligence leaders and a bipartisan collection of national security experts are warning us against--is the exact opposite of leadership and the exact opposite of what our constituents expect us to do.
This debate, to me, has seemingly, unfortunately, unraveled into an antiquated argument about the public sector versus the private sector. We cannot let old ways of thinking bog us down. This is a threat that can only be addressed by both the public and private sectors working together.
The private sector owns 85 percent of our Nation's critical infrastructure, which is itself heavily dependent on computer networks. A successful attack on our critical infrastructure could result in disabled power grids, refineries, and nuclear plants, disrupted rail systems and air traffic control and telecommunications networks. A successful attack could bring commerce to a halt, our financial markets to their knees. It could also escalate into a war in cyber space or even a shooting war.
To defend against these serious threats, particularly those that involve national security, there needs to be an exchange of information between the public and the private sectors. Of course, allowing the government and industry to share information must be done with sufficient safeguards, so any legislation authorizing such sharing needs to strike a balance between privacy and civil liberties protections. I believe the bill's authors have achieved such a balance.
I recognize it is often difficult to find consensus on how to defend our Nation from security threats. Sometimes that is because we cannot agree on the nature of our vulnerabilities and in what priority to address them. Unfortunately, sometimes Congress is too polarized to act until after a crisis occurs.
But in the case of cyber security, we already know our Nation's computer networks are increasingly vulnerable. There is widespread agreement about the severity of the threat. Just last month, Defense Secretary Panetta testified before Congress that cyber attacks could ``virtually paralyze this country.'' The threat is not impending, it is here. We already know many of the steps we need to take to mitigate or prevent these attacks. The only issue getting in the way is politics. Frankly, Coloradans are tired of this. They want us to reason together and solve our most vexing national challenges.
The Cybersecurity Act of 2012 is not overly intrusive. It has been scaled back to a voluntary system of industry-driven security standards for critical infrastructure. The bill's authors have offered a further amendment to address some of the remaining concerns of the bill's opponents. As much as the bill's authors have compromised and worked with groups and businesses from across the policy spectrum, one would think they would get more in return from the Republicans than a demand to vote on the repeal of health care reform. But that is where the debate stands, and it is not a proud moment for our Chamber.
The cyber security bill before us may not be perfect. In fact, I have offered three amendments that I believe make this an even stronger bill.
The first would require the administration to provide a detailed plan on how it would develop a highly trained, robust Federal cyber security workforce. A stronger Federal workforce will not only better protect government assets, but these individuals will go on to fill critical roles protecting cyber assets in the private sector.
My second amendment would establish permanent faculty positions to train the next generation of military cyber leaders at the U.S. Air Force Academy.
My third amendment would require the assessment of the costs and benefits of building a strategic stockpile of extra high voltage transformers. We do not produce these highly specialized pieces of equipment domestically, and it would take months to replace transformers damaged by a physical or cyber attack.
I hope my colleagues will join me in passing these commonsense amendments aimed at improving our national security.
This cyber security bill is over 3 years in the making. I find it ironic some argue the process has been rushed and we need more time. But I believe this bill is long overdue and we simply cannot afford not to act.
As the head of U.S. Cyber Command and the Director of the National Security Agency, General Alexander, wrote in a letter to Congress this week, ``The cyber threat facing the Nation is real and demands immediate action.''
This is coming from the national security official who knows more than anyone about the cyber threats facing our country. As a member of the Intelligence Committee, I take his cautions and advice very seriously. The rest of us should as well.
As I close, I urge all of us, let's put aside partisan ploys and partisan differences. Let's work together to amend and pass this vitally important cyber security bill.
I yield the floor.
BREAK IN TRANSCRIPT