A new cybersecurity bill was introduced by members of the House Homeland Security Committee on Thursday, December 15, 2011. Named the “Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act (PrECISE Act),” the proposal would establish a federal overseer as a quasi-government agency which would coordinate information sharing between the private and public sector.
According to thehill.com, the new bill:
“…Encourages private firms to share information on cyber threats but stops short of mandating new security standards for sectors deemed critical to national security….
…By authorizing DHS to oversee civilian cybersecurity, the legislation aligns with proposals from both the Senate and the White House, but it is unclear how much authority DHS would have to enforce its security standards. Democrats have argued DHS needs some enforcement authority to ensure firms beef up their network protections.”
One interesting thing about this legislation is that it brings together the various political sides which all recognize that action is needed, but can’t seem to agree on much right now. Many experts now see cybersecurity legislation moving forward in a bipartisan fashion in early 2012.
The weight of evidence and the sense of cyber urgency has recently grown, with articles like this Bloomberg piece that proclaims: China-Based Hacking of 760 Companies Shows Cyber Cold War. Here’s an excerpt:
“…They are stealing everything that isn’t bolted down, and it’s getting exponentially worse,” said Representative Mike Rogers, a Michigan Republican who is chairman of the Permanent Select Committee on Intelligence….
“Introduction of this legislation represents a solid and significant step forward in the effort to secure our nation’s cyber infrastructure. While I am not prepared to give my full support to the bill at this time, there’s a lot to like in this bill," said ranking member Bennie Thompson (D-Miss.). "I am pleased that it gives DHS the authority and resources it needs to fulfill its cybersecurity mission instead of creating a whole new bureaucracy or complicated regulatory framework."
There are conflicting views on whether the “Precise Act” would help secure critical infrastructures. Some reports, such as infowars.com, were already claiming that the bill would institute a new “federal Big Brother.” Many in the privacy community seem to be opposed to the concept, with comments to the article at lucianne.com starting with “NO!!!”
My view is that better coordination is required and legislation needed to improve our cyber defenses regarding the nation’s critical infrastructure. The analogies to a new cold war are very relevant, and stronger action steps are helpful by Congress and DHS.
What are your thoughts on this cyber topic?