House Subcommittee Passes Security Legislation

Friday, January 24, 2014 @ 01:01 PM gHale

A bill passed in a House subcommittee that will bolster provisions to protect the nation’s critical infrastructure, moving it one step closure to full consideration.

The National Cybersecurity and Critical Infrastructure Protection Act of 2013 (NCCIP), which enjoys bipartisan support, amends the Homeland Security Act of 2002 to include oversight of DHS’ cybersecurity operations, and encourage public-private partnerships in threat intelligence sharing.

Aware of Risks, Agency Ignored Warnings
IG: DHS’ Own Cyber Plan Lacking
Feds’ Security Practices Lacking
Data Breaches Go Undisclosed

“HR 3696 strengthens our cyber defenses by bolstering and providing oversight of DHS’s cybersecurity mission, fostering collaborative public-private partnerships, while also ensuring privacy and civil liberties are protected,” said a joint statement from members of the House of Representatives Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies.

The NCCIP Act:
• Prohibits new regulatory authority at the Department of Homeland Security (DHS) and is budget neutral
• Codifies and strengthens the National Cybersecurity and Communications Integration Center (NCCIC), a federal civilian, transparent interface to facilitate real-time cyber threat information sharing across critical infrastructure sectors
• Establishes an equal partnership between private industry and DHS, and ensures that DHS properly recognizes industry-led entities to facilitate critical infrastructure protection and incident response
• Codifies and strengthens the successful aspects of the National Infrastructure Protection Plan (NIPP), a public-private partnership framework that has been supported by the private sector since 2003
• Codifies the Cyber Incident Response Teams to provide timely technical assistance, crisis management, and actionable recommendations on cyber threats to critical infrastructure owners and operators on a voluntary basis
• Ensures the National Cybersecurity Incident Response Plan is regularly updated and exercised in coordination with federal, state, local, and private sector stakeholders
• Codifies DHS operational information security activities to protect and ensure the integrity and resiliency of all federal civilian information systems and networks
• Amends the SAFETY Act to establish a threshold for qualifying cyber incidents so private entities can voluntarily submit their cybersecurity procedures to the SAFETY Act Office to gain additional liability protections in the event of a qualifying cyber incident.

“Our top national security experts agree that the threat of cyber attacks on our nation’s critical infrastructure will soon be the top national security threat,” subcommittee chairman Patrick Meehan said.

“The NCCIP Act will allow us to face the cyber threat head on.”

Leave a Reply

You must be logged in to post a comment.