BreachExchange mailing list archives
Cybersecurity Bill Introduced in House
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Fri, 13 Dec 2013 00:22:41 -0700
http://www.databreachtoday.com/cybersecurity-bill-introduced-in-house-a-6285 Leaders of the House Homeland Security Committee have introduced a bipartisan bill they contend would strengthen the cybersecurity of the nation's 16 critical infrastructure sectors and the federal government by codifying, strengthening and providing oversight of the mission of the Department of Homeland Security. The sponsors say the National Cybersecurity and Critical Infrastructure Protection Act of 2013, introduced Dec. 11, would bolster the partnership between industry and the government to jointly raise the bar on cybersecurity. "The NCCIP Act will allow us to face the cyberthreat head on," says Rep. Patrick Meehan, R-Pa., who chairs the panel's Cybersecurity, Infrastructure Protection and Security Technologies Subcommittee. "The bill will help us responsibly coordinate our cyberdefenses and strengthen civilian leadership of their while protecting Americans' privacy and civil liberties." A summary of the bill issued by the sponsors says the legislation would: - Codify and strengthen the National Cybersecurity and Communications Integration Center, a federal civilian agency that promotes real-time cyberthreat information sharing across critical infrastructure sectors; - Establish an equal partnership between industry and DHS, and ensure that DHS properly recognizes industry-led entities to facilitate critical infrastructure protection and incident response; - Codify and strengthen the National Infrastructure Protection Plan, a public-private partnership framework that has been supported by the industry since 2003; - Codify the Cyber Incident Response Teams to provide timely technical assistance, crisis management and actionable recommendations on cyberthreats to critical infrastructure owners and operators on a voluntary basis; - Ensure that the National Cybersecurity Incident Response Plan is updated regularly and coordinated with federal, state, local and private-sector stakeholders; - Codify DHS operational information security activities to ensure the resiliency of all federal civilian information systems and networks; - Amend the SAFETY Act to establish a threshold for qualifying cyber-incidents so private entities can submit voluntarily their cybersecurity procedures to the SAFETY Act office to gain additional liability protections in the event of a qualifying cyber incident. The measure, which is budget neutral, also would prohibit new regulatory authority at DHS. "This bill represents a positive step forward to help foster a more secure cyberspace and keep America on the forefront of innovation," says Rep. Bennie Thompson, D-Miss., the committee's ranking member. "Under this measure, the Department of Homeland Security would have the authority it needs to effectively execute its cybersecurity mission, a bipartisan priority."
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: # OWASP http://www.appsecusa.org # Builders, Breakers and Defenders # Time Square, NYC 20-21 Nov o()xxxx[{::::::::::::::::::::::::::::::::::::::::> Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security offers security intelligence, risk management services and customized security solutions. The YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Current thread:
- Cybersecurity Bill Introduced in House Audrey McNeil (Dec 17)