The author says we need to find conservative solutions like the Secure IT Act. | REUTERS A conservative cybersecurity strategy

There used to be a time when little-known hacker groups were merely interested in going after soft targets online. Over time, their attacks have grown in scope and sophistication to include nearly every industry and asset that makes America work. According to the Government Accounting Office, over a five-year span, cyber attacks grew by 650 percent and cost our economy almost $400 billion each year.

Last month, the North Korean government was suspected of unleashing a malware attack that literally paralyzed 32,000 computers, shut down TV stations, and disrupted several major banks in South Korea. As you read these words, China’s red hacker brigade is attacking our citizens, businesses, and government institutions at an alarming rate while we sit on our hands contemplating how to respond.


Each day that passes more of our citizens’ privacy gets stripped, business plans are further dismantled, and government sites get hacked. Today’s cyber criminals, and the states that sponsor them, are developing new ways to hit us even harder. They want to tap deeper into our military applications, trade secrets, start-up technologies, communication systems, personal information, and a whole range of data and property that could easily be used to undermine our personal safety and competitiveness in global markets.

Many would even consider these routine cyber attacks as acts of war if they occurred in a more conventional context. But the attacks are hidden behind firewalls and in between data servers that go unnoticed and unrecognized by a vast majority of the American public. The intangible method of these attacks belies the threat they pose to our country’s security.

That’s why I’m proposing a conservative framework – the Strengthening and Enhancing Cybersecurity by Using Research, Education, Information and Technology Act of 2013 (SECURE IT Act) – to provide our government, business community, and citizens with the tools, protocols, and resources needed to protect themselves from those who wish us harm.

The five major components that make up the Secure IT Act are: 1) allow the government and the private sector to address cyber threat information in a more transparent fashion; 2) reform how our government manages its own information systems; 3) create new deterrents for cyber criminals; 4) prioritize research and development for cybersecurity initiatives; and 5) streamline consumers’ ability to be notified when they are at risk of identity theft and financial harm.

The framework of Secure IT is incentive-based, rather than regulatory. Rapid changes in technology guarantee the failure of static, prescriptive approaches. Just because the fingerprints of cyber criminals aren’t left behind after an attack doesn’t mean we should handcuff our greatest job-creators and innovators here in the US. The solutions that typically characterize Washington policy making – more spending, difficult rules, and extra bureaucrats – will not be effective here.

Furthermore, we can’t sit idly by thinking about how best to regulate U.S. companies that are victims of sophisticated cyber attacks while the bad guys get left off the hook. Let’s recognize the threats that exist, incentivize opportunities for flexible responses, prioritize our efforts accordingly, and give consumers a fighting chance when their personal information is sacrificed. Washington’s typical red-tape solutions won’t just fail – they will make the problems worse.

My approach is a sharp contrast to what President Obama has proposed through his back door, regulatory Executive Order. Instead of playing politics and pushing top-down solutions, I’m focused on consensus public policy that puts American businesses in the driver’s seat and holds the government more accountable. This plan is dynamic and forward-looking. It doesn’t create new government programs and it won’t cost any taxpayer money. It’s an idea whose time has come.

Obama’s regulatory maze will cede our private information, economy, and security away to those who wish us harm. At the same time, it’s irresponsible for our government to leave itself and its citizens vulnerable to attackers who’ve shown absolutely no respect for privacy, the rule of law, or our national sovereignty.

Pretending this problem can be subtly removed to our desktop recycling bin is just as much a losing hand as Obama’s regulatory proposition. That’s why we need to find conservative solutions – like the Secure IT Act – to tackle our cybersecurity challenges.

Rep. Marsha Blackburn represents Tennessee’s 7th Congressional District. She serves as Vice Chair of the Energy and Commerce Committee and also holds a seat on the Budget Committee.