Since late last year, members of the U.S. Congress have introduced no less than 34 different bills dealing with information security and Internet policy. Many of these bills are well-meaning, such as the House resolution calling upon Vietnam to "release imprisoned bloggers and respect Internet freedom" -- even if the bill applies no penalties and, more importantly, appropriates no money.
But the more significant "cyber" bills are the ones dealing with the security of the Internet. Since April 1, 2008, when Sens. Jay Rockefeller and Olympia Snowe introduced a particularly mammoth piece of cyber legislation, Congress has worked diligently in an effort to do something -- anything, really -- about hardening the nation's cyber-infrastructure.
Among the challenges they face is that it remains difficult to realistically prioritize when it comes to cyber vulnerabilities. The threats are definitely out there. But none of the most recent national catastrophes -- from Sept. 11 to Hurricane Katrina, the 2008 financial meltdown and the Gulf oil spill -- have been the work of a nefarious hacker gang. For now, at least, cyber threats remain largely the realm of worst-case scenarios.