COMMENTARY

A cyber bill worth enacting

Despite some industry concerns, the Senate cybersecurity bill hits the right marks

We have routinely supported those who call for the overhaul of the Federal Information Security Management Act and highlight the need for more effective, real-time situational awareness in securing federal information systems. So the long-awaited cybersecurity bill (S. 3480) introduced in the Senate June 10 by Sens. Joe Lieberman (I-Conn.), Susan Collins (R-Maine) and Thomas Carper (D-Del.) is welcome news — and an important milestone that should draw cheers from many quarters.

The 2010 Protecting Cyberspace as a National Asset Act stands out among a recent flurry of congressional efforts to address national cybersecurity, in part for what the bill proposes and what it does not and because of its probability of being enacted.

The legislation, among other measures, would create a White House Office of Cyberspace Policy, led by a Senate-confirmed director, to oversee all federal cybersecurity efforts. It also would create a National Center for Cybersecurity and Communications at the Homeland Security Department to defend .gov networks and oversee the defenses of the nation’s most critical infrastructure. 


Related stories:

FISMA reform would elevate White House’s cyber authority

Consensus is growing for reform of flawed FISMA


Less visible but equally important, the legislation would set up a more clearly defined framework for government and the private sector to develop a baseline of security requirements that DHS would enforce for that infrastructure. It would provide DHS much-needed help in building its cyber workforce. 

The bill also recognizes the role federal procurement can play in getting vendors to do their part in the cyberspace ecosystem by focusing new attention on the potential vulnerabilities in the global supply chain — by requiring language in actual contract specifications, not just the Federal Acquisition Regulation, that addresses the integrity of products delivered to the government.

And it would at last do away with a central flaw of FISMA, by removing the outdated manual reporting requirement that wastes, by some estimates, $500 million every year, and replacing it with a requirement to move toward continuous automated monitoring and a foundation for dynamic cyber defense.

One provision of the bill, not surprisingly, has stirred up vocal concern in industry because it would give the president sweeping authority to order companies to take specific security actions to protect private networks from possible cyberattacks.

The concern is that government is too slow to respond and shouldn’t be telling the private sector how to manage its risks. Admittedly, DHS still has a way to go to prove itself. But the bill would actually help DHS better execute its charge to coordinate the situational awareness and forensics activities needed to respond to national cyberattacks. The intent of the legislation is to isolate catastrophic threats. That should actually provide incentives for key industry players to work more closely with DHS for the greater good, which is what this bill is about and why it deserves to reach the president’s desk and become law.

 

About the Author

Wyatt Kash served as chief editor of GCN (October 2004 to August 2010) and also of Defense Systems (January 2009 to August 2010). He currently serves as Content Director and Editor at Large of 1105 Media.

Featured

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

  • FCW Illustration.  Original Images: Shutterstock, Airbnb

    Should federal contracting be more like Airbnb?

    Steve Kelman believes a lighter touch and a bit more trust could transform today's compliance culture.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.