DHS Big Winner in Congressional CyberSec Vote

Legislation Strengthens DHS's IT Security Wherewithal

By Eric Chabrow, December 12, 2014.

Credit Eligible

• 
• 
• 
• 

DHS also would assess the status of agencies' implementation of data breach notifications policies and guidelines, as a result of the new law. The FISMA reform measure also would require agencies to report data breaches within 30 days of discovery of an incident to the Senate and House Judiciary Committees.

See Also: Mobile Deposits & Fraud: Managing the Risk

Cultivating DHS's Cybersecurity Credibility

How would the other bills approved by Congress and awaiting the president's signature strengthen DHS's cybersecurity credentials?

• The National Cybersecurity Protection Act codifies DHS's National Cybersecurity and Communications Integration Center, the government's organization to analyze and share cyberthreat information. Carper says designating the center in law bolsters the nation's cybersecurity and provides DHS with clear authority to more effectively carry out its cybersecurity mission. "It is critical that the department continues to build strong relationships with business, state and local governments and other entities across the country so that we can all be better prepared to stop cyber-attacks and quickly address those intrusions that do occur," Carper says.
• The Homeland Security Cybersecurity Workforce Assessment Act, a rider on the Border Patrol Agent Pay Reform Act, would identity and fill key cybersecurity positions at DHS and provide competitive compensation as well as identify IT security skills the department needs. "Slow and cumbersome hiring procedures have been a persistent challenge for DHS when competing for scarce cybersecurity talent," says Diana Burley, a Georgetown University professor who studies government IT security employment. "This bill will reduce these barriers to entry and enhance DHS's ability to compete with other agencies - most notably NSA and DoD - in hiring the limited number of cybersecurity professionals."
• The Cybersecurity Workforce Assessment Act, not to be confused with the aforementioned Homeland Security Cybersecurity Workforce Assessment Act, would require an assessment of DHS's cybersecurity workforce needs over the next decade. This measure also would call on DHS to determine the feasibility, cost and benefits of establishing a cybersecurity fellow program to offer a tuition payment plan for pursuing undergraduate and doctoral degrees who agree to work for DHS for an agreed-upon period of time.

In congressional testimony just hours before this week's votes on the cybersecurity legislation, DHS's Schneck spoke of the role she sees DHS performing as a cybersecurity leader: "DHS represents an integral piece of the national work in cybersecurity. We are building a foundation of voluntary partnerships with private owners of critical infrastructure and government partners working together to safeguard stability. ... DHS forms a crucial underpinning for ensuring the ongoing protection of our infrastructures, services and way of life."