Cybersecurity Bill Introduced in House

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.databreachtoday.com/cybersecurity-bill-introduced-in-house-a-6285

Leaders of the House Homeland Security Committee have introduced a
bipartisan bill they contend would strengthen the cybersecurity of the
nation's 16 critical infrastructure sectors and the federal government by
codifying, strengthening and providing oversight of the mission of the
Department of Homeland Security.

The sponsors say the National Cybersecurity and Critical Infrastructure
Protection Act of 2013, introduced Dec. 11, would bolster the partnership
between industry and the government to jointly raise the bar on
cybersecurity.

"The NCCIP Act will allow us to face the cyberthreat head on," says Rep.
Patrick Meehan, R-Pa., who chairs the panel's Cybersecurity, Infrastructure
Protection and Security Technologies Subcommittee. "The bill will help us
responsibly coordinate our cyberdefenses and strengthen civilian leadership
of their while protecting Americans' privacy and civil liberties."

A summary of the bill issued by the sponsors says the legislation would:

- Codify and strengthen the National Cybersecurity and Communications
Integration Center, a federal civilian agency that promotes real-time
cyberthreat information sharing across critical infrastructure sectors;
- Establish an equal partnership between industry and DHS, and ensure that
DHS properly recognizes industry-led entities to facilitate critical
infrastructure protection and incident response;
- Codify and strengthen the National Infrastructure Protection Plan, a
public-private partnership framework that has been supported by the
industry since 2003;
- Codify the Cyber Incident Response Teams to provide timely technical
assistance, crisis management and actionable recommendations on
cyberthreats to critical infrastructure owners and operators on a voluntary
basis;
- Ensure that the National Cybersecurity Incident Response Plan is updated
regularly and coordinated with federal, state, local and private-sector
stakeholders;
- Codify DHS operational information security activities to ensure the
resiliency of all federal civilian information systems and networks;
- Amend the SAFETY Act to establish a threshold for qualifying
cyber-incidents so private entities can submit voluntarily their
cybersecurity procedures to the SAFETY Act office to gain additional
liability protections in the event of a qualifying cyber incident.

The measure, which is budget neutral, also would prohibit new regulatory
authority at DHS.

"This bill represents a positive step forward to help foster a more secure
cyberspace and keep America on the forefront of innovation," says Rep.
Bennie Thompson, D-Miss., the committee's ranking member. "Under this
measure, the Department of Homeland Security would have the authority it
needs to effectively execute its cybersecurity mission, a bipartisan
priority."

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

# OWASP http://www.appsecusa.org
# Builders, Breakers and Defenders
# Time Square, NYC 20-21 Nov
o()xxxx[{::::::::::::::::::::::::::::::::::::::::>

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.