One final lame-duck cyber bill could still be in the works, according to multiple people familiar with the negotiations.
On Thursday, the Senate may hotline a bill allowing officials at a key agency to work with the private sector on a voluntary cybersecurity framework that companies could follow to bolster their defenses.
{mosads}Hotlining means that if no senators object, the measure would swiftly pass, giving it a shot at becoming law before Congress leaves for the year.
The government’s technical standards agency, know as the National Institute of Standards and Technology (NIST), is housed within the Commerce Department.
In a 2013 executive order, President Obama directed NIST to work on the cyber framework. The institute released the first version of the framework earlier this year and is working to revise it and spread awareness in the private sector. The bill would essentially put in writing NIST’s authority to collaborate with the private sector on such cybersecurity issues.
It’s a slimmed-down version of a bill introduced last year by Sens. Jay Rockefeller (D-W.Va.) and John Thune (R-S.D.), the highest-ranking members of the Senate Commerce Committee, and would be the fifth overall piecemeal cyber bill to get through Congress in the lame duck — a surprise to many, who thought the issue might be tabled until 2015.
The four other bills heading to the president’s desk also delineate cybersecurity responsibilities at various agencies, while expanding the government’s ability to hire and retain a robust cyber workforce.