Search
Increased Cybersecurity Activity on the Hill
Posted
Since the start of the 112th Congress, there has been a heightened focus on cybersecurity. Congress has not passed new cybersecurity related legislation since 2002 when the Federal Information Security Management Act was enacted. In 2011, the Obama Administration announced its cybersecurity proposal, and a number of bills are currently active in both the House and Senate that focus on different aspects of cybersecurity and the mechanisms to protect private infrastructure and networks against cyber threats. One of the major philosophical differences between the various bills is which government entity should be responsible for cybersecurity – the Department of Homeland Security (DHS) or the National Security Agency (NSA). The Administration’s proposal favors DHS over NSA.
The most widely supported proposal is the bipartisan Cybersecurity Act of 2012 sponsored by Sens. Joe Lieberman (I-Conn) and Susan Collins (R-Maine). The hallmark of this Bill is the requirement that companies notify DHS of intrusions into their networks and the creation of mandatory compliance with industry specific cybersecurity standards. Senator John McCain (R-AZ) has a competing bill in the Senate, the Secure IT Act (S.2151), that focuses on self-regulation by the private sector rather than imposing government standards.
In the House, there are three notable active bills: (i) The Secure IT Act (H.R. 4263) , (ii) the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act “PRECISE Act” (H.R. 3674), and (iii) the Cyber Intelligence Sharing and Protection Act of 2011(H.R. 3523). The House Secure IT Act was introduced on March 27, 2012, and mirrors Sen. McCain’s version of the bill. The two other bills set cybersecurity standards for critical private networks and focus on information sharing mechanisms between the government (notably the NSA) and internet service providers so that threatening traffic can be blocked before causing harm.