The Senate wing of the Capitol.

Congress isn't ignoring cybersecurity as lawmakers return to Washington this week. But it's unlikely the House or Senate will vote on any significant cybersecurity legislation before they adjourn later this month in advance of the fall election.

Alhough no votes on cybersecurity bills have been scheduled, the Senate Homeland Security and Governmental Affairs Committee will hold a hearing to look into the ties between cybersecurity and terrorism on Sept. 10. The same day, the House Armed Services Subcommittee on Intelligence, Emerging Threats and Capabilities will explore cybersecurity in the military services.

Cybersecurity is seen as a growing concern among lawmakers, but it pales when compared with other issues Congress must confront in the next few weeks, including funding the government for fiscal year 2015, which begins Oct. 1. Without enacting a so-called continuing resolution, the federal government would shut down. Other issues are grabbing senators and representatives attentions, too, such as the increasing threat posed by the Islamic State terrorist group in Iraq and Syria and the Russian-Ukraine conflict.

Non-Campaign Issue

At this point in the legislative session, lawmakers - especially those up for re-election - either promote legislation that could help boost their re-election chances or do nothing, in order to cause no harm to their hopes to return to Congress next year. Despite a growing number of data breaches that have gained widespread attention, cybersecurity has yet to become an issue that candidates run on.

"Not many [lawmakers] know how this is really affecting their constituency," says Congress watcher Hord Tipton, executive director of the IT security certification organization (ISC)2 and a former Interior Department chief information officer. "This should soon become a campaign issue because people are hurting more with each passing session of Congress."

Because voters aren't demanding enactment of cybersecurity legislation, legislative leaders - especially in the Senate - don't feel pressured to bring these bills up for a vote.

"People have heard about cybersecurity - and don't like the breaches - but they don't feel like they understand it or have a strong opinion as to what to do about it," says Larry Clinton, president of the Internet Security Alliance, a trade association. "So, they are [not] pressuring their elected representatives to take action, because they are not sure what action to take."

Active House

In the current Congress, the Republican-led House passed a number of cybersecurity bills. One piece of legislation, known as the Cyber intelligence Sharing and Protection Act (see House Handily Passes CISPA), would encourage businesses to share cyberthreat information with the government. Another would reform the Federal Information Security Management Act, known as FISMA, the law that governs federal government information security (see FISMA Reform Passes House on 416-0 Vote). Those bills had received bipartisan support. But the Democratic-led Senate has not passed significant cybersecurity legislation in years.

Why so? The rules of Congress make getting bills through the Senate more difficult. "In the House, if the majority wants to move a bill, they pretty much can, whether they have bipartisan support or not," Clinton says. "In the Senate, virtually any senator can block a bill. Even bills with bipartisan support in the Senate have trouble getting on and off the Senate floor."

House cybersecurity bills generally are narrowly focused. In the Senate, the legislation often combines a number of measures into an omnibus bill, and that makes building a consensus harder to achieve.