Homeland Security Watch

News and analysis of critical issues in homeland security

April 22, 2012

Cybersecurity Week in the House

Filed under: Cybersecurity,General Homeland Security — by Jessica Herrera-Flanigan on April 22, 2012

Today marks the start of the self-declared “Cybersecurity Week” in the House.  Last Friday, the House Republican Leadership announced that four bills would be considered this week to “address the cybersecurity threat facing our country.”  In announcing the schedule, Speaker Boehner, Majority Leader Cantor, and the House GOP’s Cybersecurity Task Force Leader Thornberry, stated:

The focus of these bills is consistent with the recommendations released by the task force last October that address the central issue the federal government and industry have stated must be addressed now: updating existing cybersecurity laws to provide the legal authorities to allow for information-sharing and public-private partnerships. Information-sharing is crucial to stopping the persistent and aggressive threat facing all aspects of our economy, our critical infrastructure, our communications, and our nation’s security.

The focus of these bills is consistent with the recommendations released by the task force last October that address the central issue the federal government and industry have stated must be addressed now: updating existing cybersecurity laws to provide the legal authorities to allow for information-sharing and public-private partnerships. Information-sharing is crucial to stopping the persistent and aggressive threat facing all aspects of our economy, our critical infrastructure, our communications, and our nation’s security.

Overall, the bills enjoyed somewhat bipartisan support, though as discussed in a bit, much of the criticism has been focused on what was not included as what was.  Among the bills to be considered:

  • Cyber Intelligence Sharing and Protection Act (H.R. 3523) – A Mike Rogers (R-MI)/Dutch Ruppersberger (D-MD) bill coming out of the Intelligence Committee.  The bill would allow the government to provide classified information to companies to allow them to to protect their networks.  The bill also authorizes private-sector entities to defend their own networks and to those of their customers, and to share cyber threat information with others in the private sector, as well as with the federal government on a purely voluntary basis.   This bill, which many consider the lynchpin of the House efforts, has garnered significant criticism from the privacy and civil liberties groups.  These interests have equated the bill to the doomed SOPA/PIPA bills, stating that it violates Constitutional rights.  The sponsors made significant changes last week to try to address the privacy concerns but still have met criticism.  Just last Friday, House Homeland Security Committee Ranking Member Bennie Thompson (D-MS) sent around a Dear Colleague stating that the bill “would create a “Wild West” of cyber information sharing, where any certified private entity can share information with any government agency.” Despite these criticisms, the bill has garnered the support of numerous companies and technology groups.
  • Federal Information Security Amendments (H.R. 4257) – Introduced by Oversight and Government Reform Chairman Darrell Issa, this bill tackles the mess that is the Federal Information Security Management Act (FISMA).  It improves the framework for securing information technology systems, focusing on “automated and continuous” monitoring and dictates that OMB should play a significant role in FISMA compliance. The bill is relatively uncontroversial, as most agree that FISMA needs fixing.
  • Cybersecurity Enhancement Act (H.R. 2096) – Another uncontroversial bill is Rep. Mike McCaul’s (R-TX) legislation tackles cyber R&D.  It strengthens NSF and NIST technical standards and cybersecurity awareness, education and talent development capabilities.
  • Advancing America’s Networking and Information Technology Research and Development (NITRD) Act (H.R. 3834) - Introduced by Science, Space & Technology Chairman Ralph Hall (R-TX), this bill reauthorizes the NITRD program, including its efforts relating to cyber R&D. This is another bill that is uncontroversial.

Missing from the list above?  Rep. Dan Lungren’s  (R-CA) PRECISE Act, which the Congressman essentially gutted during the House Homeland Security Committee Full Committee mark-up last week so as to win the support of House Republican leadership for inclusion in cybersecurity week.  The bill, which provided for the creation of voluntary cybersecurity standards that would be created by DHS and the private sector, apparently was still too regulatory in nature for the House’s Leadership, which preferred to leave unaddressed how critical infrastructures are secured.  There is still a chance that Rep. Lungren’s bill will be offered during the week, though that is seen as unlikely given Democratic opposition to the scaled back version of the bill that passed out of Committee along partisan lines.

Other issues that are not being addressed this week but we might see legislation on in the coming months:

  • cybercrime penalties and authorities. The House Judiciary Committee was expected to mark up legislation this past month but is reassessing its efforts in light of the 9th Circuit’s decision in U.S. vs Nosal a few weeks ago limiting the Computer Fraud and Abuse Act’s application in certain cases;
  • electric grid security: House Energy & Commerce may look more closely at cyber efforts to secure smart grids and the like
  • data breach/notification: Perhaps the issue that affects consumers the most in their day-to-day lives, it is unclear whether the House will move any legislation on this front, though Rep. Mary Bono Mack (R-CA) of the House Energy & Commerce Committee has mentioned that she is taking a close look at the issue and legislation.

Whatever happens in the House this week, the future of cybersecurity legislation remains unclear. The Senate has the Lieberman-Collins bill that has been awaiting action for months.  Whether the House’s decision to move forward on legislation will motivate the Senate to act is not known though it is clear that the issue of cybersecurity is not going away anytime soon.

 

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print
  • LinkedIn

4 Comments »

Pingback by Homeland Security Watch » What Is The Nature of the Cyber Threat?

April 23, 2012 @ 3:24 am

[...] Ms. Herrera-Flanigan introduced in her last post, it is “Cybersecurity Week” for the U.S. House of Representatives. I am going to go out [...]

Comment by William R. Cumming

April 23, 2012 @ 4:57 am

As I suggested in a drafting session on PD-63 in 1998 the definition of the crime known as “sabotage” should be the first step before any of this legislation is adopted. The Congress is impulsively trying to make things better and it will make them worse by adoption of any of these bills in their entirety.

Strongly urge that they be studied in depth by GAO and others in more public hearings until the next Congress.

The real underlying issue is who will pay for cyber security in the future? These bills all shift the costs to the taxpayer even though it typically does not do system development on its own and usually pays for the development of what become proprietary systems.

So those in love with cost benefit analysis should demand that be done before enactment not after.

The IT sector has long been propped up by federal dollars directly or through the tax code and this subsidy is as ridiculous to perpetrate as that federal subsidy through the front and back door for the energy and airline sectors. Time to end corporate socialism in American policy circles.

Was the Dot-Com bubble enhanced by Y2K preparedness?

Comment by "Sabotage" Its Definition; Cybersecurity and Congressional Action Required; Amb. John Bolten For President

April 23, 2012 @ 9:27 am

If we have a true Patriotic blogger on the inside, pls do forward William Cumming’s comment to all Congressional memners and then some as most of us are indeed very concerned about cybersecuroity threats and the immediacy of requirement to stay on top of the issues and challenges given the technology available to all so let’s get Bill’s comment before our decision-makers….

Clearly identifying – sabotage – is a necessity and for me what may be construed as – treason – as many know how strongly I feel when it comes to this “Goldman Sachs” WH at the directive of a Chicago community organizer who I mistrust as he whispers to the – hammer and sickle and makes every effort to besiege the Constitution we have been bequeatrhed with and cautioned to protect against those from within as our citizen duty….Those keeping a close eye on thweir Rights to carry arms for all lawful purpose and thopse watchinging discussions re our sovereignty and fleet of vessels…those watching this WH engage with these thugs, this regime in Tehran…these “Brutes of Tehran” who these “KGB Putinites” are very much supportive of …

….well folks, We do not need any agreements in place with these other 100 countries who are as corrupt and self-centered as the UN itself from the top down and we best keep our Citizen arms close to our vest, our vessels and sovereign status in tact on the seas and caution to the wind for the prevailing winds of Rev Wright and his contention preaching all those years to the young Chicago community organizer attentive listening as to his support of Iran…be on guard as our budget deficit has soared under this administration and intentionally so and be weary as John Kerry, another ienpt elitist sets his sight on the Secretary of State’s post…His arrogant demeanor, another left wing liberal who thins he knows best…Well, Uncle Johnny — Daddy knows best and not you for We here on “Main Street USA” Respected the vision of our insightful forefathers and we’ver seen enough “Change” taken from our pockets!

We are a Republic and a sovereign nation on the seas and with respect to individual Rights and yes, We fled King George III and his burdensome ways and on election day, We will stand shoulder to shoulder, forthright and protect our Constitution and individual Rights as – legal citizens – and finding it unncessary to afford our Rights to an international court in any way….

God Bless America!

Let’s get this commenet herein from Bill Cumming re cybersecurity and a clear understanding under the law of – sabotage – in order. Kep a weary eye on the Chicago group as well as they wield far too much power and far too much influence within the federal government infrastructure lusting for more….as their banker pals will continue to erode our very core if we so permit.

On the Lexington Green a week ago, early in the morning the musket could be heard as our fellow Patriots fell to the ground striving to establish their own representation for they knew the time had arrived that they could no longer rely on anyone but themselves…the time has come again. We are no longer represented by a government so immersed in such self-agenda and outright corruption.

Those we have “entrusted” to fulfill their pledge to public service have made it quite clear that the Judeo-Christian values this once great nation was founded upon are no longer Respected by the very same who pledge on the Boible to place first before all else…

We as a nation are at peril and former Ambassador John Bolten, please rise to the occasion and help us Sir for it is You Sir who must stand and represent our beloved Republic! We will muster a national write-in campaign if you pledge your personal commitment to lead our nation back to halt the tyranny, the dysfunctional ways and intentional deceit conveyed upon the good and most charitable fellow American people.

chris.tingus@gmail.com

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>