TRENDING:

Standards, Regulations & Compliance

5 Things You Didn't Know About Cybersecurity Bill

Licensing IT Security Pros Among Provisions Eric Chabrow (GovInfoSecurity) • April 17, 2009    
5 Things You Didn't Know About Cybersecurity Bill
Cybersecurity legislation - Senate Bill 773 - introduced by Sen. Jay Rockefeller, D.-W.Va., earlier this month received a lot of attention -- in part because of a provision to allow the president to declare a cybersecurity emergency and shutdown Internet traffic to and from government IT systems and the nation's critical IT infrastructure.

But portions of the bill that aren't as provocative failed to gain much attention, yet they would have a greater impact on the everyday working lives of government employees charged with providing IT security and to the citizens and businesses they serve to protect. Here are five of lesser-known provisions of the legislation:

  1. Licensing Cybersecurity Pros: Three years after Congress enacts the legislation, anyone providing cybersecurity services to the federal government or elements of the nation's critical IT infrastructure designated by the president must be licensed under a program developed under the direction of the Commerce secretary.

  2. Cybersecurity Dashboard: The Commerce Department, working with the Office of Management and Budget, will develop a plan to create a system to provide dynamic, comprehensive, real-time cybersecurity status and vulnerability information for all federal IT systems and networks managed by the Commerce Department. If such a dashboard is created, it likely would be adopted by other government agencies.

  3. New Metrics:Within one year of enactment, the National Institute of Standards and Technology will establish measurable and auditable cybersecurity standards for all federal agencies, contractors and designated critical infrastructure systems and networks.

  4. National Cybersecurity Awareness Campaign: The Commerce Secretary will implement a national cybersecurity awareness campaign designed to heighten pubic awareness of cybersecurity concerns that communicates the government's role in securing the Internet and protecting the privacy and civil liberties with respect to Internet activities.

  5. Cybersecurity Risk Management Report: The president will report to Congress within a year of the bill's enactment the feasibility of creating a market for cybersecurity risk management, including the creation of a system of civil liability and insurance including government reinsurance and requiring cybersecurity to be a factor in all bond ratings.
Previous
Will Mergers Reshape Gov IT Security?
Next
Most .Gov Sites Flunk E-mail Authentication Test

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.



Around the Network

How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Properly Vetting AI Before It's Deployed in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.