Although legislators are working on protecting client data from hackers, some think they're not working hard enough.

Washington is moving to address cybersecurity threats, but some say not as aggressively as it should.

The House Committee on Homeland Security unanimously approved in early February H.R. 3696, the National Cybersecurity and Critical Infrastructure Protection Act of 2013, and leaders of the Senate Intelligence Committee said in early May that they would introduce a modest bill that would grant antitrust immunity to firms that share data and monitor against hacking and data breaches.

But political strategist Greg Valliere predicted that Washington “won’t meaningfully tackle this issue until there’s a spectacular cybersecurity incident.”

Valliere noted in a May commentary that “a more muscular bill” to give the government new power to coordinate anti-hacking policies “has stalled—thanks to the privacy paranoia generated by Edward Snowden and the ACLU.”

Indeed, in introducing H.R. 3696, Committee Chairman Michael McCaul, R-Texas, said that the federal government’s response to the cyberthreat “has so far been haphazard.”

H.R. 3696 was sent to the full House for consideration and codifies several cybersecurity efforts already in progress; beefs up others, like the National Cybersecurity and Communications Integration Center; and focuses on partnerships with the private sector. It is intended to be budget neutral.

The Financial Stability Oversight Council included in its 2014 priorities list cyberthreats and the increase of trading-related operational outages and incidents that could cause disruptions to markets and the financial system.