|
Videos
December 18, 2011 By Dan Lohrmann
A new cybersecurity bill was introduced by members of the House Homeland Security Committee on Thursday, December 15, 2011. Named the “Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act (PrECISE Act),” the proposal would establish a federal overseer as a quasi-government agency which would coordinate information sharing between the private and public sector.
According to thehill.com, the new bill:
“…Encourages private firms to share information on cyber threats but stops short of mandating new security standards for sectors deemed critical to national security….
…By authorizing DHS to oversee civilian cybersecurity, the legislation aligns with proposals from both the Senate and the White House, but it is unclear how much authority DHS would have to enforce its security standards. Democrats have argued DHS needs some enforcement authority to ensure firms beef up their network protections.”
One interesting thing about this legislation is that it brings together the various political sides which all recognize that action is needed, but can’t seem to agree on much right now. Many experts now see cybersecurity legislation moving forward in a bipartisan fashion in early 2012.
The weight of evidence and the sense of cyber urgency has recently grown, with articles like this Bloomberg piece that proclaims: China-Based Hacking of 760 Companies Shows Cyber Cold War. Here’s an excerpt:
“…They are stealing everything that isn’t bolted down, and it’s getting exponentially worse,” said Representative Mike Rogers, a Michigan Republican who is chairman of the Permanent Select Committee on Intelligence….
“Introduction of this legislation represents a solid and significant step forward in the effort to secure our nation’s cyber infrastructure. While I am not prepared to give my full support to the bill at this time, there’s a lot to like in this bill," said ranking member Bennie Thompson (D-Miss.). "I am pleased that it gives DHS the authority and resources it needs to fulfill its cybersecurity mission instead of creating a whole new bureaucracy or complicated regulatory framework."
There are conflicting views on whether the “Precise Act” would help secure critical infrastructures. Some reports, such as infowars.com, were already claiming that the bill would institute a new “federal Big Brother.” Many in the privacy community seem to be opposed to the concept, with comments to the article at lucianne.com starting with “NO!!!”
My view is that better coordination is required and legislation needed to improve our cyber defenses regarding the nation’s critical infrastructure. The analogies to a new cold war are very relevant, and stronger action steps are helpful by Congress and DHS.
What are your thoughts on this cyber topic?
Building effective virtual government requires new ideas and hard work. Security professionals need to be enablers of innovation. From helpful Internet training to defending cloud computing architectures to securing mobile devices, Dan Lohrmann will cover what's hot and what's not in protecting your corner of cyberspace.
RSS
CONTACT
Cyberspace is one area where we can definitely use oversight. What was once a convenience has now moved to a necessity -- a public utility. We also need a cyber doctrine guiding us into the future. Trying to protect everything, we protect nothing. Doctrine defines what we do, what we don't do and how we do it.
Here within Intel IT, we support the idea of information sharing. We also heavily engaged in IT best practices for assessing and managing risks. Your readers might benefit from our Threat Agent Risk Assessment whitepaper. It is a methodology that identifies threat agents that are pursuing objectives which are reasonably attainable and could cause unsatisfactory losses. ftp://download.intel.com/it/pdf/Prioritizing_Info_Security_Risks_with_TARA.pdf thanks, Elaine ITintelsme