A House subcommittee yesterday approved new cyber security legislation that would give the Department of Homeland Security authority to evaluate cyber security risks to critical infrastructure and determine the best ways to limit risks.
The Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act (H.R. 3674) essentially defines the roles and responsibilities for protecting the nation’s critical infrastructure, within the federal government and the private sector. The bill was approved by the House Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies.
The bill was introduced in December by Rep. Dan Lungren (R-Calif.), the subcommittee chair, and nine other Republicans and one Democrat, Rep. Jim Langevin (R.I.) (Defense Daily, Dec. 16, 2011).
The PRECISE Act also creates the National Information Sharing Organization, which would be controlled by the private sector, to develop best practices, provide technical assistance, and enable the trusted sharing of cyber threat information across critical infrastructure and with the federal government.
“We know voluntary guidelines simply have not worked,” Langevin said in a statement yesterday. “For the industries upon which we mostly rely, government has a role to work with the private sector on setting guidelines and ensuring they are followed.”
An amendment offered by Langevin was also included in the bill and requires DHS to report to Congress on how it will support regional, state, and local grassroots cyber cooperatives designed to decrease cyber disruptions to critical infrastructure, increase cyber workforce training efforts, increase community awareness of cyber security, and build resiliency of regional, state and local critical services. Last summer, Rhode Island stood up its own Cyber Disruption Team that is focused on helping the state prepare for and respond to cyber attacks.
The bill goes to the full Homeland Security Committee next. The House is expected to review multiple pieces of cyber security-related legislation, whereas in the Senate shortly a comprehensive bill is expected to be introduced (Defense Daily, Dec. 23, 2011).