New Threats, New Legal Developments, in Cybersecurity

Our economic activities, social lives and physical safety increasingly depend on computers and other devices linked through the Internet. Protecting those systems and the information they contain has become a national imperative.

In the past decade, an increasingly sophisticated cybersecurity industry has grown up to contend with the growing array of threats posed by cyber attackers and cyber thieves. A recent PricewaterhouseCoopers study puts spending on cybersecurity in the United States at $30 billion a year, and growing at 10 to 15 percent a year.

The legal system has been slower to respond, but legislators and law enforcement, at both the federal and state levels, have begun to pay attention. Cybersecurity has become a top priority in the federal government’s national security agenda, both in the executive branch and on Capitol Hill, and we have seen increased regulatory and enforcement initiatives.

In the fall of 2011, both President Obama and Senate Majority Leader Harry Reid (D-Nev.) identified cybersecurity as a top legislative priority, particularly in three areas: critical infrastructure protection, information-sharing and reorganization of the federal government’s own cyber defenses.

House Republicans responded with their own proposals, but partisan divisions, business concerns about additional regulatory burdens, and public worries about enhanced threats to online privacy left the 112th Congress unable to adopt substantial new standards before recessing for the summer. We are certain to see re-invigorated efforts in 2013, once the presidential election is behind us.