Congress moves cyber-hiring, FISMA measures

Included in a bill the House cleared Dec. 10 are provisions that would speed the Department of Homeland Security’s hiring of cybersecurity professionals and allow DHS to pay them more.

The Senate passed the bill, whose banner purpose is simplifying the pay system for border agents, on Sept. 18; the House cleared it by voice-vote on Dec. 10. The legislation now needs President Barack Obama’s signature to become law.

The measure would bring DHS’s ability to hire cyber talent on par with that of the Defense Department and the National Security Agency, according to a statement from Senate Homeland Security and Governmental Affairs Chairman Tom Carper (D-Del.), a key proponent of the bill. DHS has struggled to compete with both the private sector and, according to Carper, other federal agencies in recruiting and retaining cybersecurity professionals.

Two other cyber-related bills have also moved this week. On Dec. 10, the Senate passed a bill by voice vote that would codify an existing cybersecurity center at DHS. The National Cybersecurity and Communications Integration Center is DHS’ 24/7 hub for monitoring cyber threats and sharing information with the private sector. That measure now goes to the House, which passed its own bill to codify NCCIC in July.

Meanwhile, the Senate on Dec. 8 passed an update to the Federal Information Security Management Act, also by voice vote. The FISMA Modernization Act would place the authority to set federal information security policies for civilian systems at the Office of Management and Budget, and put DHS in charge of administering security rules. It would require agencies to notify Congress within seven days of a suspected major security breach.

OMB in October gave DHS enhanced authority to scan federal networks, through guidance issued by OMB Director Shaun Donovan.

Carper, who sponsored the FISMA reform bill, said in a statement that the measure would “modernize our outdated federal network security laws, provide the tools and authorities needed to improve security at our federal agencies, and increase transparency and accountability for data breaches at federal agencies.”

Carper’s House counterpart, Rep. Darrell Issa (R-Calif.), chairman of the House Oversight and Government Reform Committee, has his own bill that focuses policy and implementation at OMB. That bill passed the House in April 2013. A spokesperson released a statement saying that Issa doesn’t back the Carper bill, and wants to see the Senate take up his version.

Lawmakers looking to give the executive branch more tools to combat cyber threats will be encouraged by the progress of the trio of bills. Yet perhaps the bigger prize, a cyber information-sharing bill that some senior lawmakers are eager to pass, still lies idle, with virtually no time left on the legislative calendar for the 113th Congress.