Democratic senators criticize administration's cybersecurity efforts

Senate Democrats on Thursday assailed the Bush administration over its failure to fill a Cabinet-level post it created last July within the Homeland Security Department for a cyber security czar.

In the wake of several high-profile data breaches at government agencies this year, Senate Judiciary Committee ranking Democrat Patrick Leahy of Vermont said the administration has been reckless in its refusal to fill the position in a timely manner. He said individuals whose personal information has been compromised have paid the price for such mistakes.

"I wish we were just talking about security," Leahy said. "Unfortunately, we're talking about incompetence."

Charles Schumer, D-N.Y., said it is hypocritical for lawmakers to demand that private companies secure and protect the personal information of individuals for which they are responsible when the government itself has been so careless.

The theft of a laptop computer belonging to the Veterans Affairs Department this spring exposing the personal information of more than 26 million Americans is the "tip of the iceberg," Schumer said. The computer was recovered last month. He added that data breaches at the Agriculture, Energy and Health and Human Services departments indicate complacency at all levels of government.

"The bottom line is what bank robbery was in the Depression, ID theft is to the information age," Schumer said.

According to Schumer, the Bush administration missed a crucial opportunity after the Sept. 11, 2001 terrorist attacks to establish measures to protect American's information technology infrastructure.

"The administration completely overlooked the pink gorilla in the room -- cyberspace," Schumer said.

Floridian Bill Nelson said Homeland Security's inaction on cyber security is demonstrative of its overall inadequacy. He said the department's response to hurricanes in his state during the past several years has been inexcusable. He called its management of cyber security "unconscionable."

Nelson said he is frustrated that lawmakers have not been given an opportunity to craft a combination of the data security bills approved by the Commerce and Judiciary committees in the past year. Leahy blamed the GOP leadership for not allowing his colleagues to bring up the proposals.

"There's no reason that these two bills can't be married up," Nelson said.

Paul Kurtz, director of the Cyber Security Industry Alliance, said the Bush administration has gone "absent without leave" on information security issues and that no government body is more responsible than the Homeland Security. Kurtz said the stakes for inaction are high because the U.S. economy and government security systems depend so heavily on digital infrastructures.

"Digital systems underpin our national and economic security," said Kurtz, who dealt with cyber security issues as a former special assistant to President Bush.

Leahy echoed Kurtz's call for immediate federal action. He said a well-crafted cyber attack on the United States could be just as disastrous as a physical one, because it could happen at any time and could come from anywhere.

"The administration is big on rhetoric and awfully slow on reality," Leahy said.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
FROM OUR SPONSORS
JOIN THE DISCUSSION
Close [ x ] More from GovExec
 
 

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

    Download
  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download

When you download a report, your information may be shared with the underwriters of that document.