Some members of Congress, concerned about shoddy cybersecurity at government and critical technology websites, are proposing that the Department of Homeland Security should have the power to force private networks to secure themselves more effectively. 

But several cybersecurity experts say a broadly worded bill that has been referred to the House Committee on Homeland Security could impact many ordinary tech firms that merely play a role in infrastructure. If the bill becomes law, even firms like Apple, Microsoft and Google could come under DHS's thumb, says Michael Gregg, chief operating officer of the cybersecurity firm Superior Solutions.

"They are stepping forward to regulate a potentially huge amount of the Internet," Gregg told FoxNews.com. "It's up to DHS to decide who they want to fall under this umbrella. I have little doubt that large tech companies such as AT&T, Verizon, Microsoft, Google, Apple and Cisco could all find themselves being heavily regulated."

The Homeland Security Cyber and Physical Infrastructure Protection Act of 2010 (HR 6423, proposed by Rep. Bennie G. Thompson, D-Miss.) would empower DHS to set security standards for the networks at various private facilities and would authorize penalties against any websites it deems to have lax security. The bill's goal is to muscle better security onto ..gov websites and critical infrastructure sites, including ports and power plants, to limit the country's vulnerability to cyber espionage, said Thompson.

"The new bill just takes it to the point that forces things to be done. Before it was a public-private relationship based upon cooperation and collaboration. Now it could be a forced march to compliance. Cooperation and collaboration only goes so far when it is not economically in a company's best interest to change a product or behavior," he said. 

But the real concern lies in the breadth of the bill, Bardin agreed. Any technology company that sells to key infrastructures could potentially be regulated by it, said Bardin. He cited a laundry list of technology companies that could be affected, including Oracle, Symantec, EMC, Cisco, HP, Dell and others.