TOPICS
TOPICS
Legislation to elevate cybersecurity post may die in Senate
Legislation that would promote cybersecurity efforts within the Homeland Security Department could wither on the vine again this year, despite agreement among lawmakers, the private sector and government officials that the department must do more to prevent cyber attacks.
The House in May overwhelmingly approved a measure, H.R. 1817, to tweak programs at the department. It includes a provision to elevate the cybersecurity mission by promoting the director of the department's cybersecurity division to the assistant secretary level.
"The cybersecurity mission is too important too handle at this relatively low level," read a summary of the legislation authored by the House Homeland Security Committee.
While similar legislation has been introduced in the Senate, it is unlikely the chamber would vote on a bill this year. It has been bogged down with fights over President Bush's nominees and legislative work is expected to slow further as senators will debate Bush's nomination to the Supreme Court.
Industry representatives have applauded the House language, which was introduced last year as a stand-alone bill. However, that measure was never sent to the House floor for a vote.
Industry groups repeatedly have urged the government to do more to protect against debilitating cyber attacks on critical infrastructure -- a majority of which is owned by the private sector.
"This can come up and bite us in a number of ways," said Paul Kurtz, executive director of the Cyber Security Industry Alliance. "I hope Secretary [Homeland Security Secretary Michael] Chertoff and the administration will see fit to give [the position] more attention. A deputy secretary will not do."
Tech industry executives said Homeland Security is nearly wholly focused on physical security issues -- not electronic ones. Chertoff is currently reviewing department staffing, and some hope he will act to name a high-level cyber-security secretary soon.
"I have a sense Secretary Chertoff understands something is rotten in the state of Denmark," said Harris Miller, president of the Information Technology Association of America. "How can it be a critical issue when the U.S. government has buried the position five levels down?"
A government report in late May reinforced supporters' arguments for the elevated position. A study conducted by the Government Accountability Office, the investigative wing of Congress, found that the department had not fully addressed 13 responsibilities, including drafting a plan to protect critical infrastructure and identifying cyber threats and vulnerabilities.
The department agreed at the time that officials had much more to do on the cyber-security front but disagreed with GAO that it has not made significant progress on that mission since the department's inception nearly three years ago.
Despite the sense of urgency, the department has yet to name a new director of the cybersecurity division. The former chief, Amit Yoran, resigned late last year. Andy Purdy, the acting director, has been running the division temporarily.
GovExec Live!
At 12 p.m. EST on Wed., July 13, Government Executive's Shane Harris and Stan Soloway, president of the Professional Services Council, will spend an hour responding to your questions and comments about the changes proposed for GSA. Feel free to submit your questions and comments early or during the hour-long discussion.
Post a Comment
To post a comment, you must provide a name and a valid e-mail address. Messages must be limited to 400 words. By using this Service you agree not to post material that is obscene, harassing, defamatory, or otherwise objectionable. Although Government Executive does not monitor comments posted to this site (and has no obligation to), it reserves the right to delete, edit, or move any material that it deems to be in violation of this rule.