Loading ...
Sorry, an error occurred while loading the content.

ISPLA News-S 2105, the Cybersecurity Act of 2012

Expand Messages
  • Peter Psarouthakis
    In a Homeland Security Committee Press Release of February 14 the following appears: To guard against the nation s increasing vulnerability to cyber attack, a
    Message 1 of 1 , Feb 14, 2012
    • 0 Attachment
      In a Homeland Security Committee Press Release of February 14 the following

      To guard against the nation's increasing vulnerability to cyber attack, a
      group of Senate Committee leaders introduced bipartisan legislation Tuesday
      to secure the cyber systems of the essential services that keep our nation
      running. The Senators were Homeland Security and Governmental Affairs
      Committee Chairman Joe Lieberman, ID-CT, Ranking Member Susan Collins, R-ME,
      Commerce Committee Chairman Jay Rockefeller, D-WV, and Select Intelligence
      Committee Chairman Dianne Feinstein, D-Ca.

      The Cybersecurity Act of 2012, S. 2105, and the product of three years
      worth of hearings, consultations, and negotiations, envisions a
      public-private partnership to secure those systems which if commandeered or
      destroyed by a cyber attack could cause mass deaths, evacuations,
      disruptions to life-sustaining services, or catastrophic damage to the
      economy or national security.
      "This bill would begin to arm us for battle in a war against the cyber
      mayhem that is being waged against us by our nation's enemies, organized
      criminal gangs, and terrorists who would use the Internet against us as
      surely as they turned airliners into guided missiles," Lieberman said. "The
      nation responded after 9/11 to improve its security. Now we must respond to
      this challenge so that a cyber 9/11 attack on America never happens"

      Rockefeller said: "I can't think of a more urgent issue facing this
      country. Hackers are stealing information from Fortune 500 companies,
      breaking into the networks of our government and security agencies and
      toying with the networks that power our economy. The new frontier in the war
      against terrorists is being fought online and this bill will level the
      playing field. We can and will stop cyber criminals from getting the upper
      hand. This comprehensive legislation is an important step towards securing
      the Internet from cyber theft"
      Collins said: "Our nation's vulnerability has already been demonstrated by
      the daily attempts by nation-states, cyber criminals, and hackers to
      penetrate our systems. The threat is not just to our national security, but
      also to our economic well-being. A Norton study last year calculated the
      cost of global cybercrime at $114 billion annually. When combined with the
      value of time victims lost due to cybercrime, this figure grows to $388
      billion globally, which Norton described as 'significantly more' than the
      global black market in marijuana, cocaine and heroin combined. Our bill is
      needed to achieve the goal of improving the security of critical cyber
      systems and protecting our national and economic security"

      Feinstein said: "Alongside terrorism, cybersecurity is perhaps the number
      one threat facing our nation today, but many obstacles exist that prevent
      the cooperation and coordination needed to deter this growing threat. It's
      past time that the government and the private sector join together to
      address the widespread and devastating effects that cyber intrusions are
      having on our country."
      The legislation reflects recommendations from companies and trade
      associations representing the information technology, financial services,
      telecommunications, chemical, and energy sectors, among others. National
      security, privacy and civil liberties experts also provided essential
      counsel. Majority Leader Harry Reid's support was instrumental.

      The Senators stressed that the Cybersecurity Act of 2012 in no way resembles
      the Stop Online Piracy Act or the Protect Intellectual Property Act, which
      involved the piracy of copyrighted information on the internet. The
      Cybersecurity Act involves the security of systems that control the
      essential services that keep our nation running - for instance, power,
      water, and transportation.
      To move the legislative process forward, the Senators have not included
      emergency authorities for the president, as previous bills did. The
      legislation also does not contain a special White House cybersecurity

      Both the Homeland Security and Governmental Affairs and the Commerce
      Committees have held several hearings over the years on cybersecurity. In
      the 111th Congress, both Committees marked up and reported out cybersecurity
      legislation. In the 112th Congress, the two Committees merged their bills,
      refined and perfected them to produce new legislation.
      The Cybersecurity Act of 2012 would require:

      The Department of Homeland Security to assess the risks and vulnerabilities
      of critical infrastructure systems - whose disruption from a cyber attack
      would cause mass death, evacuation, or major damage to the economy, national
      security, or daily life - to determine which should be required to meet a
      set of risk-based security standards.

      Owners/operators who think their systems were wrongly designated would have
      the right to appeal.

      DHS to work with the owners/operators of designated critical infrastructure
      to develop risk-based performance requirements, looking first to current
      standards or industry practices. If a sector is sufficiently secured, no new
      performance requirements would be developed or required to be met.

      The owners of a covered system to determine how best to meet the performance
      requirements and then verify that it was meeting them. A third-party
      assessor could also be used to verify compliance, or an owner could choose
      to self-certify compliance Current industry regulators to continue to
      oversee their industry sectors.

      Information-sharing between and among the private sector and the federal
      government to share threats, incidents, best practices, and fixes, while
      maintaining civil liberties and privacy.
      DHS to consolidate its cybersecurity programs into a unified office called
      the National Center for Cybersecurity and Communications.

      The government to improve the security of federal civilian cyber networks
      through reform of the Federal Information Security Management Act.

      ......And in Federal News Radio:

      "Consider the warning signs, hackers now seem to be able to routinely crack
      the codes of our government agencies, including the most sensitive ones,"
      said Sen. Jay Rockefeller (D-W.Va.) in a floor statement introducing the
      bill Tuesday. "Our Fortune 500 companies, they do routinely, and then
      everything in between. Adm. Mike Mullen, former Joint Chiefs chairman, said
      the cybersecurity threat is the only other threat that is on the same level
      as Russia's stockpile of nuclear weapons. Loose nukes, if you will. FBI
      Director Robert Mueller testified to Congress very recently that the cyber
      threat will soon overcome terrorism as the top national security focus of
      the FBI."

      <http://www.federalnewsradio.com/?nid=245&sid=2747994> &sid=2747994

      Bruce Hulme
      ISPLA Director of Government Affairs
      www.ISPLA.org <http://www.ispla.org/>

      Your Proactive Voice from State Capitols to the Nation's Capitol

      [Non-text portions of this message have been removed]
    Your message has been successfully submitted and would be delivered to recipients shortly.