A key S.C. House panel hit the delete button on a plan Tuesday that would have put the state’s computer operations under the control of a seven-member commission appointed by legislators and the governor.
The House’s proposed solution, coming in the wake of the worst-ever computer breach at a U.S. state agency, differed greatly from a version that passed the state Senate.
The Senate bill called for creating a cyber-security office with an executive director named by the governor. That mimicked a suggestion from a cyber-security consultant hired by the state for $3 million.
That is likely where the House Ways and Means Committee will start work again on the bill so a proposal reaches the floor before the session ends next month, said committee chairman Brian White, R-Anderson.
Committee members lined up against the proposal to create a standalone commission Tuesday, suggesting the state was moving too fast after hearing a report from state-hired Deloitte Consultants. The firm suggested the state consolidate cyber-security efforts while allowing agencies to continue running their computer operations.
Rep. Harry Ott, D-Calhoun, said the state could be paying an unknown amount of money for a new state bureaucracy. Rep. Gilda Cobb-Hunter, D-Orangeburg, added: “I’m not into rushing into this, just to say we did something.”
The committee voted unanimously to end debate on the bill.
Like several others on the committee, state Rep. Chip Limehouse, R-Charleston, said he wants something approved by the end of the session. “Just saying ‘no’ is not the answer.”
Rep. Roland Smith, R-Aiken, fears public backlash if the General Assembly fails to approve a plan to head off future hacking attacks. The hacking last fall compromised personal information belonging to 6.4 million consumers and their children and businesses from the S.C. Department of Revenue.
White said committee representatives spoke with Gov. Nikki Haley’s office about crafting a hacking bill. “It’s a big issue, and it will take time,” he said.
The House has set aside $25 million in next year’s budget, which starts July 1, for credit-fraud monitoring or protection and other hacking-related costs. The Senate’s version of the budget has about $20 million set aside.
The House cyber-security bill called for five additional years of credit-fraud monitoring or protection. The Senate version included up to 10 years of credit-fraud aid.
The state is fielding bids for five years of credit-fraud monitoring or protection. Experian received a $12 million emergency contract to provide credit monitoring for nearly 1.5 million S.C. tax filers after the hacking became public in October.