A new cybersecurity bill was introduced by members of the House Homeland Security Committee on Thursday, December 15, 2011. Named the “Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act (PrECISE Act),” the proposal would establish a federal overseer as a quasi-government agency which would coordinate information sharing between the private and public sectors.
According to thehill.com, the new bill:
“…Encourages private firms to share information on cyber threats but stops short of mandating new security standards for sectors deemed critical to national security….
…By authorizing DHS to oversee civilian cybersecurity, the legislation aligns with proposals from both the Senate and the White House, but it is unclear how much authority DHS would have to enforce its security standards. Democrats have argued DHS needs some enforcement authority to ensure firms beef up their network protections.”
One interesting thing about this legislation is that it brings together the various political sides which all recognize that action is needed, but can’t seem to agree on much right now. Many experts now see cybersecurity legislation moving forward in a bipartisan fashion in early 2012.
The weight of evidence and the sense of cyber urgency have recently grown, with articles like this Bloomberg piece that proclaims: “China-Based Hacking of 760 Companies Shows Cyber Cold War.” Here’s an excerpt:
“…They are stealing everything that isn’t bolted down, and it’s getting exponentially worse,” said Representative Mike Rogers, a Michigan Republican who is chairman of the Permanent Select Committee on Intelligence….
“Introduction of this legislation represents a solid and significant step forward in the effort to secure our nation’s cyber infrastructure. While I am not prepared to give my full support to the bill at this time, there’s a lot to like in this bill,” said ranking member Bennie Thompson (D-Miss.). “I am pleased that it gives DHS the authority and resources it needs to fulfill its cybersecurity mission instead of creating a whole new bureaucracy or complicated regulatory framework.”
There are conflicting views on whether the PrECISE Act would help secure critical infrastructures. Some reports, such as infowars.com, were already claiming that the bill would institute a new “federal Big Brother.” Many in the privacy community seem to be opposed to the concept, with comments to the article at lucianne.com starting with “NO!!!”
My view is that better coordination is required and legislation is needed to improve our cyber defenses regarding the nation’s critical infrastructure. The analogies to a new cold war are very relevant, and stronger action steps by Congress and DHS are helpful.
What are your thoughts on this cyber topic?
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.