Just to clarify... He is taking the steps to investigate the vulnerabilities, and take precautions against further intrusion. This is not to be confused with "let's go catch these boogeymen."
This just seems like a reasonable reaction (for once), unless I am mis-reading here. I did not RTFA.
Well, the article is not really much more informative than the summary on this matter, but both of them suggest that at least part of the focus is on improving security at these sensitive sites rather than going after whichever baddies this week hacked into a government contractor's network and divulged sensitive info they found there. And that is indeed the right focus; it is obvious that the knowledge necessary to break into these sites is in the wild and capturing one group of attackers is going to do little to secure the information stored on other, as-yet-unhacked networks. The problem is that inadequate methods have been used to secure the information in the first place. So I have to agree with you.
Furthermore, what is pointed out in the article is that there are multiple Congressional committees claiming at least partial jurisdiction over the issue and suggesting cybersecurity legislation. McCain proposes a single committee to clearly govern this area and thus to consolidate this legislation in one place to avoid conflicting bills coming from different groups. I can't say whether this will actually succeed in doing something useful -- it really depends on whether they get knowledgeable people on the committee -- but it has a better chance than the current approach. In theory, the knowledgeable people, even if they aren't on the committee or even in Congress, should know to address this group; hopefully the committee gets populated with Congressmen who are able to distinguish the ideas of value from those of everybody else who wants to restrict computers or the Internet in whatsoever way.
If the code and the comments disagree, then both are probably wrong. -- Norm Schryer