White House: Congress Must Pass Cyber Laws

Thursday, February 2, 2012 @ 04:02 PM gHale

This year could be the year Congress passes cyber security legislation to give officials the authority they need to combat “growing and increasingly sophisticated cyber threats,” according to the leading U.S. cyber security official.

White House Cybersecurity Coordinator Howard Schmidt called for legislators to “modernize” outdated laws surrounding cyber security by supporting the broad legislative proposal President Obama sent to Congress in May.

Cyber Crime Grows More Complex
Cyber Report: Life on Technology Edge
Cyber Security Month: DHS Eval Tool
White House Invests in Smart Grid, Security
White House: Cyber Hits Down, But Not for Feds

“It is our sincere hope that members of Congress will look at the significant amount of public debate that has been occurring on these issues — as well as the work and debate on this issue over the years in the Congress — and continue to work in a bipartisan manner to quickly enact legislation to address the full range of cyber threats facing our nation,” Schmidt said.

There are quite a few bills in Congress right now, but none have come to vote. Some of the bills call for the same regulations as the White House plan. Congressional leaders had expressed an interest in passing cyber security legislation by the end of last year but it did not happen.

Schmidt’s urging came a day after President Obama’s annual State of the Union address, in which the president mentioned the proposal as a way “to stay one step ahead of our adversaries” by securing cyberspace.

Laws authorizing collaboration with the private sector, which the feds already do, are a key part of the proposal and should be a part of whatever Congress passes, Schmidt said.

“Legislation that fails to provide the legislative authorities our professionals need to work with the private sector to ensure the safe and reliable operation of our critical infrastructure networks would not be commensurate with the very real and urgent risks to our nation,” he said.

Other aspects of the plan place cyber security authority more squarely in the hands of the Department of Homeland Security (DHS), which already has a key role in leading federal cyber security efforts, and address data breaches and privacy protections.

Obama’s legislative proposal clarifies how companies can share information about cyber threats with the DHS, and allows the agency to help critical infrastructure companies with their cyber security needs if the private sector wants assistance.

The DHS also would be responsible for defining risks that controllers of the most critical infrastructure need to mitigate and require them to provide their plans for doing so to the agency.

In terms of data breaches, Obama’s legislation includes a national standard for reporting breaches to replace 47 existing state data-breach reporting laws. It also would toughen up minimum punishments for cyber criminals.

Leave a Reply

You must be logged in to post a comment.