A House Homeland Security subcommittee approved legislation on Wednesday aimed at clarifying the government’s role in combating cyberattacks.
Congressional leaders and President Obama have called for significant cybersecurity legislation to be passed this year. The smooth passage of this House bill may bode well for the larger effort, which has been under way for two years.
The Cybersecurity, Infrastructure Protection, and Security Technologies Subcommittee approved H.R. 3674, the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act of 2011 (The PrECISE Act), with a voice vote.
The bill would task the Homeland Security Department with determing what “critical infrastructure” like the power grid or financial systems, need federal oversight from existing agencies. Such proposals have sparked concern over government ability to control private networks.
But the bill's sponsor, Rep. Dan Lungren, R-Calif., chairman of the subcommittee, said his proposal is the "least intrusive" of current proposals.
Some proposals in the Senate, for example, would give the DHS authority to regulate, rather than simply designate critical infrastructure.
The PrECISE Act would also establish a National Cybersecurity and Communications Integration Center to coordinate federal cybersecurity efforts.
Lungren says the bill will increase public-private information sharing and give DHS the authority it needs “to play its part.”
“Government should enable and facilitate the private sector in this effort by providing threat information, standards and best practices,” he said. “In this way, we ensure that owners and operators are in the strongest position to protect their critical infrastructure.”
Subcommittee ranking member Yvette Clarke, D-N.Y., criticized a measure that would establish a quasi-governmental National Information Sharing Organization (NISO) as a clearinghouse for information between government and the private sector.
Before investing $30 million of taxpayer money in the organization, Clarke proposed conducting a study to determine the most effective way to share information. But her amendment to remove the NISO provision failed on a voice vote.
Besides a manager’s amendment, which included proposals for local partnerships, the panel approved two amendments by Rep. Michael McCaul, R-Texas. One measure would require DHS to report to Congress on which foreign groups pose the greatest threat to American infrastructure; the other amendment would limit additional regulations if a company is already following rules.
“The private sector owns most of our nation’s critical infrastructure and commits considerable resources to ensuring thattheir computer networks are safe from outside attacks,” McCaul said. “As we go forward we must ensure that the heavy hand of government does not harm industry.”
Federal cybersecurity efforts have been hampered by sometimes confusing jurisdictions and a lack of information sharing, analysts say. The Senate is expected to introduce its own cybersecurity bill as soon as this week.