Sen. John McCain (R-AZ) on Thursday ripped into the authors and supporters of the Cybersecurity Act of 2012 for what he called “legislative bullying,” suggesting that Democrats are attempting to push a flawed bill through the Senate without input from those who oppose the bill.

During a hearing of the Senate Homeland Security and Governmental Affairs Committee, McCain sent an unexpected shot across the bow of committee chairman Sen. Joseph Lieberman (I-CT), stating that a lack of transparency in the legislative process that led to the drafting of the bill has now forced him and at least seven other Republicans to begin work on “an alternative” cybersecurity bill that they plan to introduce before the end of the month.

The Cybersecurity Act of 2012, sponsored by Lieberman and others, would grant the Department of Homeland Security vast new regulatory authorities over select portions of the nation’s critical infrastructure – everything from the national electric grid to transportation, water and financial services, among others.

It would also require the private sector owners and operators of these critical systems to demonstrate and certify on an annual basis that they have taken the appropriate security measures as determined by risk-based cybersecurity performance requirements developed by a hodgepodge of federal and state agencies with input from the private sector.

Thursday’s hearing on the bill came only two days after it was introduced in the Senate. But more troubling for McCain is the fact that Senate Majority Leader Harry Reid (D-NV) has already scheduled the bill for a floor debate “without a single markup.” McCain called the lack of transparency “outrageous” given the significant policy differences he and others have with the language contained in the legislation.

“I question why we have yet to have a discussion about which agency is best suited” to protect our country from cyber attacks, said McCain, in a direct challenge of the bill’s proposal to centralize federal and critical infrastructure cybersecurity responsibilities in the DHS’ National Center for Cybersecurity and Communications (NCC).

McCain specifically challenged the lack of any authorizations to fund what he called a “leviathan” at DHS, as well as the danger that “unelected bureaucrats” could promulgate rules and regulations that would hurt the economy, especially small businesses.

Lieberman, clearly stunned by McCain’s outspoken opposition, shot back. “I’m disappointed by your statement,” said Lieberman. “We pleaded for involvement and a lot of people, including yourself, have not come to the table.”

Secretary of Homeland Security Janet Napolitano left no doubt about her support for the bill. “The current [cybersecurity] threat outpaces our existing authorities,” she said. “This legislation would materially improve our ability to address the threat. Now is not the time for half-measures.”

According to Napolitano, the most important aspect of the legislation would be the authority granted to the DHS to “bring all of the nation’s critical infrastructure up to a certain baseline of security.” Also important are the liability protections granted to the private sector operators of the nation’s critical infrastructures who will be compelled to share information with the government about cyber attacks.

“This is a very regulation light bill,” said Napolitano. “This is a security bill.”

But Napolitano’s predecessor, Tom Ridge, who served as the nation’s first Secretary of Homeland Security, took issue with what he described as an overly “proscriptive” piece of legislation.

Testifying on behalf of the U.S. Chamber of Commerce, where he leads the National Security Task Force, Ridge questioned the need for yet another piece of legislation that defines critical infrastructure and whether the government or the private sector is best suited to protect it.

“We don’t need a piece of legislation that identifies critical infrastructure,” said Ridge. “We’ve been working on that for 10 years.”

After rattling off a laundry list of laws and presidential directives dealing with post-9/11 critical infrastructure protection and cybersecurity, Ridge characterized the Cybersecurity Act of 2012 as a bill that offers a “definition that appears to have no walls, ceiling or floors but also seems to be redundant.”

The hearing took yet another contentious turn when Ranking Member Sen. Susan Collins (R-ME) called it “ironic” that the U.S. Chamber of Commerce would be against the bill when its own network had recently been under attack by Chinese hackers for 6 months and the Chamber didn’t know about it until the FBI alerted it.

“You bring up a good point, Senator,” said Ridge. “Why in the world did the FBI delay informing the organization that represents the economic infrastructure of America?” questioned Ridge, in a clear challenge to the very notion that government regulation of cybersecurity would lead to better security.

The private sector owners and operators of the nation’s critical infrastructure are “probably better positioned to be able to calculate systemic failure…than even an agency of the federal government,” he said.

Collins countered that she couldn’t understand how the bill would produce burdensome standards when the private sector is involved in developing the standards.

The so-called “light touch” of the legislation is a “slippery slope,” said Ridge. “Requirements are proscriptions, proscriptions are mandates.”

Following are links to the prepared testimonies of leading witnesses testifying at the hearing:

John D. Rockefeller IV, U.S. Senate

Dianne Feinstein, U.S. Senate

Janet A. Napolitano, Secretary, U.S. Department of Homeland Security

Thomas J. Ridge, Chairman, National Security Task Force, U.S. Chamber of Commerce

Stewart A. Baker, Partner, Steptoe & Johnson

James A. Lewis, Ph.D., Director and Senior Fellow, Technology and Public Policy Program, Center for Strategic and International Studies

Scott Charney, Corporate Vice President, Trustworthy Computing Group, Microsoft Corporation