DHS Secretary Predicts U.S. Cyber Legislation this Summer

May 14, 2014

U.S. Homeland Security Secretary Jeh Johnson says that Congress is likely to agree on cybersecurity legislation this summer.

"My sense is that there's an effort to try to get something done this summer," Johnson told the Reuters Cybersecurity Summit, adding that he has discussed the matter with members of both the House of Representatives and the Senate. "I've seen a fair amount of activity coming from both the House and the Senate and a real bipartisan desire to get something done," he said.

Johnson, who replaced Janet Napolitano as homeland security secretary in December, said tightening cybersecurity standards was "a good government, good business" practice that should not be a "political hot potato," even for a divided Congress, Reuters reports.

"My sense is that Congress realizes this is an area where we can legislate and we ought to try," he told the summit.

"The House last year for the second time passed a bill designed to help companies and the government share information on cyber threats, but it fizzled in the Senate. It did not address industry standards and the Obama administration had threatened to veto it over privacy concerns as many Democrats sought a broader bill," Reuters said.

Efforts to pass cybersecurity legislation got second wind in Congress last month as leaders of the Senate Intelligence Committee drafted their own bill, now circulating among key stakeholders in hopes of avoiding disagreements that have thwarted passage in the past. The draft, from Senators Dianne Feinstein, a California Democrat, and Saxby Chambliss, a Georgia Republican, would offer liability protections and consider the possibility of data being shared not only with a civilian government agency but also military or intelligence agencies, said Reuters.

Besides the limited liability, Johnson said key components of any legislation would be updating the Federal Information Security Management Act; clarity on the authority that DHS has over government web operations; and clarity on what commercial firms should share with the government.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 October

This month in Security magazine, we explore how Corning's global security group ensured business continuity and employee safety during the global COVID-19 pandemic. Also, we highlight the global security team at Uber and their recent security programs and initiatives. Industry experts discuss travel safety programs, career hackers, working for terrible bosses, group attribution error and more.

View More Create Account

DHS Secretary Predicts U.S. Cyber Legislation this Summer

Related Articles

Related Products

Report Abusive Comment