May 12, 2011 By Elaine Pittman
The White House will unveil new proposed cyber-security legislation on Thursday, May 12, that will focus on protecting the nation’s citizens, its critical infrastructure and federal systems.
“This is a very important issue and the reason we’re doing it is because ... cyber-crime, online identity theft and theft of intellectual property have been significant challenges for national security, public safety and economic prosperity,” said a senior administration official from the White House during a conference call with the press. He noted that cyber-crime has increased dramatically over the last decade and as a result President Barack Obama has called cyber-security one of the most serious economic and national security challenges.
The proposed legislation is broken down into three main sections:
First, protecting citizens: The legislation would require national data breach reporting. Currently 47 states have laws that require businesses that have suffered an intrusion to notify consumers if the intruder had access to the consumers’ personal information — this bill would set a national standard for the reporting. It also clarifies penalties for computer criminals by setting mandatory minimums for cyber-intrusions into critical infrastructure.
Second, protecting critical infrastructure: The proposal clarifies the type of assistance that the U.S. Department of Homeland Security (DHS) can provide to state or local governments or private-sector companies following a cyber-intrusion. The legislation would also require the DHS “to work with industry to identify the core critical-infrastructure operators and to prioritize the most important cyber threats and vulnerabilities for those operators,” according to a fact sheet.
Under the proposal, breaches against the most crucial critical infrastructure would be reported to the DHS to aid better situational awareness, said a DHS senior administration official during the call. The official added later that the framework would not apply “broadly to any critical infrastructure entity, but to the most critical of critical infrastructure.” Criteria will be identified in the legislation as to what constitutes the most critical of critical infrastructure, based on aspects like risk and consequences from attack. The DHS official also said the department’s secretary “would through a regulation process develop a set of additional criteria with strong input from the private sector to identify who actually fell within that regime.”
Third, protecting federal government computers and networks: Under the legislation, the DHS will be responsible for managing the Federal Information Security Management Act. The DHS will also be given more flexibility when hiring cyber-security personnel. In 2010, DHS Secretary Janet Napolitano set the goal of hiring 1,000 employees with cyber-security skills. However, as of March 2011, only about 200 people had been hired and there were plans to hire 100 more this year, the Federal Times reported. The DHS official said this bill will “do a better job of competing with private sector for getting these key people.”
Also included in the proposed legislation — and important for state government to note — is the federal government’s promotion of cloud computing. A Department of Commerce senior administration official called cloud services “more efficient and secure.” And the legislation states, “This new industry should not be crippled by protectionist measures, so the proposal prevents states from requiring companies to build their data centers in that state, except where expressly authorized by federal law.”
The proposed bill will be sent to Capitol Hill, and numerous media outlets said the White House is hoping for action by Congress on it this year.
“The cyber-threat is real and growing and we really must address the cyber-vulnerabilities and -security concerns we have today,” said a senior administration official from the Defense Department.
You may use or reference this story with attribution and a link to
http://www.govtech.com/e-government/White-Houses-Cyber-Security-Bill-Seeks-to-Provide-a-Framework-for-Industry-Government.html

The one-sided reasoning needs to stop. The “you get what you pay for” concept of the fifties has evolved into a more complex environment for today’s society. I get power if I pay my bill or I can use a credit card if I qualify and pay my bill are no longer that simple. If the power company does not give power I don’t have to pay but at the same time my food goes bad, I can’t work, my aged parent dies of heat exhaustion. Because of the interdependent nature business/government have now a RESPONSIBILITY to provide their service or product which includes security. This responsibility needs to be acknowledged in society/law both civil and criminal. If you collect information on people and maintain it, you should be responsible for the damage done if it is compromised. Privacy is not guaranteed in the Constitution but criminal and civil liability will force business to re-think what they want to collect and maintain, or how important service security is to the business.
that is the plan for internal breaches... I hope that is taken into account... peripheral protection at network level is fine but there is much more to provide comprehensive protection... People, Process and Products / Solutions all need to be considered... People are tougher part... esp. GREED and INFLATION are the biggest challenge. cheers, vikram www.ideasventure.com