Cybersecurity

Can the next Congress get up to speed on cyber legislation?

New Members of the 113th Congress

Newly elected members of Congress will need a crash course on cybersecurity issues, experts say.

Budget discussions could keep Congress in session until Christmas or beyond, but cyber legislation will almost certainly not come up again this session. Cyber threats themselves, however, continue to evolve - and so does the debate over how to deal with it them.

As the conversation continues within other circles of the community, the 80 new incoming lawmakers, along with those already in place, will eventually start anew in the 113th Congress. The gridlock that doomed cybersecurity legislation this year will by no means automatically evaporate, but new members means new opinions - and 80 individuals in need of a crash course on the issues. Education will be critical for even the highest-ranking members, according to industry insiders.

"We're going to get 80 new members in January. It's complicated even for people who have been following the conversation within the Beltway, and it's been happening at least since April," Matthew Rhoades, director of legislative affairs at the Truman Project and Truman Institute. "If you think about it, these members have to be experts in health care, the financial system, Libya and cybersecurity all in one day - how much are they going to retain from April to December? So the education needs to continue."

Rhoades, speaking at a Center for National Policy forum on Nov. 29 in Washington, noted that cybersecurity still is not a mainstream topic.

"So far, this conversation is under the radar. We didn't hear anything about this in the presidential election, it's not leading the local news or on CNN. It's really left to inside the Beltway, and that's confined the debate to three key constituencies," he said: the national security community, the business community and privacy groups.

That limited conversation has contributed to the legislative impasse, he argued.

"The problem is, those are really the only three groups having the primary conversation, and they're misaligned," Rhoades said. "It's below the public radar. And until that dynamic changes, I think we're going to be where we are now - which is stuck. There are opportunities to change the political dynamic, but until we do that, I don't foresee anything productive happening, especially on Capitol Hill."

Other members on the panel highlighted both the urgency and the complexity surrounding cybersecurity, warning that both of those factors mean it is a national security threat that, while still in the early stages, has serious damage potential.

"In addition to the complexity...how do you define something that underlies so much? You're talking about technology. You have cyber crime, you have data breach, you have intellectual property theft, you have critical infrastructure protection and information-sharing," said Jessica Herrera-Flanigan, CNP cybersecurity fellow. "Every single one of those groups is handled by different people on the Hill.... How do you get all those people in a room and not have conflict? It's a problem the administration has faced over the years as they've tried to figure out where cyber belongs within the government."

Could the new faces bring a fresh methodology to the table? It is possible, but even beyond the internal struggles, the cyber threat continues to progress. That too will require a different kind of approach than what has been taken so far, the panelists indicated.

"We certainly know we're seeing scary shifts of transnational organized crime moving into cyber and more cyber mercenaries -- the guys who are really good at one aspect, like breaking into a system or social engineering. They're guns for hire, and it may be different from previous kinds of crime," said Matthew Fleming, Georgetown University professor and fellow at the Homeland Security Studies and Analysis Institute. "We need to remove the stigma from the word 'regulation.'"

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

The 2015 Federal 100

Meet 100 women and men who are doing great things in federal IT.

Featured

  • Shutterstock image (by venimo): e-learning concept image, digital content and online webinar icons.

    Can MOOCs make the grade for federal training?

    Massive open online courses can offer specialized IT instruction on a flexible schedule and on the cheap. That may not always mesh with government's preference for structure and certification, however.

  • Shutterstock image (by edel): graduation cap and diploma.

    Cybersecurity: 6 schools with the right stuff

    The federal government craves more cybersecurity professionals. These six schools are helping meet that demand.

  • Rick Holgate

    Holgate to depart ATF

    Former ACT president will take a job with Gartner, follow his spouse to Vienna, Austria.

  • Are VA techies slacking off on Yammer?

    A new IG report cites security and productivity concerns associated with employees' use of the popular online collaboration tool.

  • Shutterstock image: digital fingerprint, cyber crime.

    Exclusive: The OPM breach details you haven't seen

    An official timeline of the Office of Personnel Management breach obtained by FCW pinpoints the hackers’ calibrated extraction of data, and the government's step-by-step response.

  • Stephen Warren

    Deputy CIO Warren exits VA

    The onetime acting CIO at Veterans Affairs will be taking over CIO duties at the Office of the Comptroller of the Currency.

  • Shutterstock image: monitoring factors of healthcare.

    DOD awards massive health records contract

    Leidos, Accenture and Cerner pull off an unexpected win of the multi-billion-dollar Defense Healthcare Management System Modernization contract, beating out the presumptive health-records leader.

  • Sweating the OPM data breach -- Illustration by Dragutin Cvijanovic

    Sweating the stolen data

    Millions of background-check records were compromised, OPM now says. Here's the jaw-dropping range of personal data that was exposed.

  • FCW magazine

    Let's talk about Alliant 2

    The General Services Administration is going to great lengths to gather feedback on its IT services GWAC. Will it make for a better acquisition vehicle?

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above