Step Forward For Cyber Policy

The 2010 Protecting Cyberspace as a National Asset Act came out of the Senate Subcommittee on Federal Financial Management today, giving cybersecurity policy another push toward President Obama's desk.

The Senate bill is similar to the House's 2011 National Defense Authorization Act in that it calls for continuous monitoring, establishes a congressionally-mandated executive cyber office in the White House and puts emphasis on federal agencies to do procurement to buy security that is baked into hardware and software.

"Thursday was a very good day for information security in government," said Alan Paller, director of research for the SANS Institute. "The Senate began the process of transforming federal information security so that the U.S. government can lead by example in making America's computers and networks much safer than they are today."

According to a press release from Sens. Tom Carper, D-Del., Joe Lieberman, I-Conn., and Susan Collins, R-Maine, the bill will "modernize the government's ability to safeguard the nation's cyber networks from attack and bring government and industry together to set national cyber security priorities and improve national cyber security defenses."

This is another big day, one that would have been practically inconceivable three years ago. But with bills now pending in both houses of Congress, the momentum is clearly visible. Though there's still time in this legislative session, a final version isn't likely to come out until next year.

Adam Ross is managing editor at the SANS Institute and wrote, edited, and Web produced for The Washington Post's opinions and politics sections, online and in print. You can reach him at aross@nextgov.com.