On July 28, 2014, the House of Representatives passed three bills aimed at enhancing the cybersecurity efforts of the Department of Homeland Security (DHS) in certain critical infrastructure sectors, including the energy sector:
- H.R. 3696 – the National Cybersecurity and Critical Infrastructure Protection Act(NCCIPA), the primary bill of the three, which passed by voice vote;
- H.R. 2952 – the Critical Infrastructure Research and Development Act (CIRDA), a bill promoting cybersecurity research and development, which passed by voice vote and
- H.R. 3107 – the Homeland Security Cybersecurity Boots-on-the-Ground Act, a bill seeking to bolster the cybersecurity workforce, which passed by a 395-8 vote.
The bill, introduced by House Homeland Security Committee Chairman Michael McCaul (R-TX), Ranking Member Bennie G. Thompson (D-MS), Subcommittee Chairman Patrick Meehan (R-PA) and Subcommittee Ranking Member Yvette Clarke (D-NY), also recognizes the National Cybersecurity and Communications Integration Center, a subdivision of DHS established in 2009, as the interface for sharing real-time cyber threat information.
Finally, the Boots-on-the-Ground Act requires the Secretary of Homeland Security to classify and evaluate the individuals performing cybersecurity-related duties, identify weaknesses in the workforce, and develop a workforce strategy including a recruitment plan, 5-year implementation plan, and 10-year projection of needs.
Chairman McCaul noted that one of the primary purposes of the collective legislation was to address the “pre-9/11 mindset when it comes to cybersecurity.”2 Specifically, Chairman McCaul noted that an attack on the nation’s “oil and gas pipelines [or] power grids . . . could cause crippling economic damage and could even cost lives.” Furthermore, DHS has acknowledged both that “[t]he reliance of virtually all industries on electric power and fuels means that all sectors have some dependence on the Energy Sector,” and that “[m]ore than 80 percent of the country’s energy infrastructure is owned by the private sector.”3 Thus, it is significant that these House bills (1) recognize Energy as a “critical infrastructure sector” and (2) aim to utilize public-private sector cooperation to improve the nation’s cybersecurity.
Also, the proponents of the bills contend that they strike the right balance between security and privacy concerns. While any bill that requires information sharing, especially among government and private sector entities, will likely raise privacy concerns, Rep. Meehan was quick to note that these bills have received support from the American Civil Liberties Union (ACLU) as both “pro-privacy and pro-security.”4 The ACLU has previously supported the idea that from a transparency perspective, among the various federal agencies, DHS is best suited to handle cybersecurity issues.5
This report first appeared on JDSupra.com where sources can be found. Congress Press: http://homeland.house.gov/press-release/house-passes-bipartisan-legislation-protect-critical-infrastructure-cyber-attack
Be the Change! Donate Today!
Enter your email address to subscribe to our newsletter:
Delivered by FeedBurner