House Wants Private Sector To Help Bolster U.S. Cyber Defense

An analyst works at the government’s secretive cyber defense lab, Sept. 29, 2011, in Idaho Falls, Idaho. The Homeland Security Department's Control System Security Program facilities are intended to protect the nation's power grid.

Mark J. Terrill/AP

AA Font size + Print

An analyst works at the government’s secretive cyber defense lab, Sept. 29, 2011, in Idaho Falls, Idaho. The Homeland Security Department's Control System Security Program facilities are intended to protect the nation's power grid.

House lawmakers think partnerships between the private sector and DHS will go a long way toward protecting America's vulnerable civil infrastructure. By Rebecca Carroll

Two bills to strengthen cybersecurity in the systems that underlie the nation’s energy, water and food supplies passed the House on Monday evening, along with a measure to improve the federal government’s cyber workforce.

A bill (H.R. 3696) introduced by Rep. Michael McCaul, R-Texas, seeks to strengthen the Department of Homeland Security’s ability to protect 16 critical sectors — including defense, health, energy and food — by establishing partnerships with the private sector and enhancing programs already in place.  

The legislation would formalize the role of the National Cybersecurity and Communications Integration Center, which was established in 2009 to help critical-infrastructure sectors share cyber-threat information in real time.

The Congressional Budget Office on Monday said a separate Senate bill to codify the center’s role would not result in significant costs.

Other legislation passed by the House on Monday included a bill (H.R. 2952) introduced by Rep. Patrick Meehan, R-Pa., to improve critical-infrastructure security technology and a bill (H.R. 3107) from Rep. Yvette Clarke, D-N.Y, to bolster DHS’ cyber workforce.

McCaul, chairman of the House homeland security committee, cited fears that the country is in “a pre-9/11 mindset” regarding cybersecurity.

“A successful cyberattack on our nation’s water systems, oil and gas pipelines, power grids and mass transit systems on the scale of the recent retail breaches could cause crippling economic damage and could even cost lives,” he said, referring to breaches at Target and Neiman Marcus, among others.

“The reality is the threat is outpacing our readiness to combat it,” he said. “This bipartisan bill establishes a true partnership between DHS and the private sector to ensure the distribution of real-time cyber threat information in order to secure our nation in cyberspace without burdensome mandates or regulations.”

It was unclear when the Senate would take up the measures.

Close [ x ] More from DefenseOne
 
 

Thank you for subscribing to newsletters from DefenseOne.com.
We think these reports might interest you:

  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • GBC Issue Brief: Supply Chain Insecurity

    Federal organizations rely on state-of-the-art IT tools and systems to deliver services efficiently and effectively, and it takes a vast ecosystem of organizations, individuals, information, and resources to successfully deliver these products. This issue brief discusses the current threats to the vulnerable supply chain - and how agencies can prevent these threats to produce a more secure IT supply chain process.

    Download
  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Information Operations: Retaking the High Ground

    Today's threats are fluent in rapidly evolving areas of the Internet, especially social media. Learn how military organizations can secure an advantage in this developing arena.

    Download

When you download a report, your information may be shared with the underwriters of that document.