Government // Cybersecurity
11:59 AM
Connect Directly
The Analytics Job and Salary Outlook for 2016
Jan 28, 2016
With data science and big data top-of-mind for all types of organizations, hiring analytics profes ...Read More>>

Major Cybersecurity Bill Introduced In Senate

The call for a new adviser comes at a time when controversy has arisen over the current cybersecurity structure in government.

Two senators on Wednesday introduced sweeping cybersecurity legislation that would significantly overhaul the nation's information security efforts, including the creation of a national cybersecurity adviser who would report directly to the president.

The legislation, wrapped up in two separate bills and introduced by Senate Commerce Committee Chairman John D. Rockefeller IV, D-W.Va., and Sen. Olympia Snowe, R-Maine, would revise cybersecurity processes and oversight in government, facilitate public-private partnerships on keeping computer systems safe, and fund cybersecurity research.

"Congress must bring new high-level governmental attention to develop a fully integrated, thoroughly coordinated, public-private partnership to our cybersecurity efforts," Rockefeller said in a statement.

The bills come at a time when the government is in the middle of a national cybersecurity review being undertaken at the behest of the Obama administration. The report is slated to be out sometime next month. That review follows a 96-page report written last year by the Center for Strategic and International Studies, on which the Rockefeller-Snowe bill is loosely based.

The national cybersecurity adviser would be the top official on every issue related to cybersecurity and would coordinate efforts with the intelligence community and other agencies. The official would have sweeping powers reaching across the federal IT infrastructure, including the power to completely disconnect federal networks that control the nation's critical infrastructure if they're found to have vulnerabilities.

The possible introduction of a new cybersecurity official comes at a time when controversy has arisen over the current cybersecurity structure in government. Rod Beckstrom, former Department of Homeland Security National Cybersecurity Center director and supposed top government cybersecurity official, resigned last month, saying in a letter that the National Security Agency had taken away most of his power during the Bush administration.

The legislation would require the national cybersecurity adviser to conduct a comprehensive cybersecurity review every four years to assess cybersecurity strategy and progress, as well as some sort of overall information security "threat and vulnerability assessment."

The bill would push more collaboration between the private sector and government on cybersecurity than ever before. It would create a "public-private clearinghouse" to share vulnerabilities, a panel of independent cybersecurity experts to advise the president, "measurable and auditable" standards for both the public and private sectors, a licensing requirement for people who want to work in cybersecurity, and a program to help small and medium-sized businesses grapple with cybersecurity requirements.

The bill also intends to spur cybersecurity innovation. It would increase research and development at the National Science Foundation, expand a current program that gives scholarships for students who promise to work in government cybersecurity after studying computer science and information security in college, and create "cybersecurity competitions."

InformationWeek will highlight innovative government IT organizations in an upcoming issue. Nominate your agency by submitting an essay on your most innovative IT initiative completed in the last year. Find out more, and nominate your organization by May 1.

Comment  | 
Print  | 
More Insights
Cyber Security Standards for Major Infrastructure
Cyber Security Standards for Major Infrastructure
The Presidential Executive Order from February established a framework and clear set of security standards to be applied across critical infrastructure. Now the real work begins.
Register for InformationWeek Newsletters
White Papers
Current Issue
How to Knock Down Barriers to Effective Risk Management
Risk management today is a hodgepodge of systems, siloed approaches, and poor data collection practices. That isn't how it should be.
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.