DHS Secretary Predicts U.S. Cyber Legislation this Summer

May 14, 2014

U.S. Homeland Security Secretary Jeh Johnson says that Congress is likely to agree on cybersecurity legislation this summer.

"My sense is that there's an effort to try to get something done this summer," Johnson told the Reuters Cybersecurity Summit, adding that he has discussed the matter with members of both the House of Representatives and the Senate. "I've seen a fair amount of activity coming from both the House and the Senate and a real bipartisan desire to get something done," he said.

Johnson, who replaced Janet Napolitano as homeland security secretary in December, said tightening cybersecurity standards was "a good government, good business" practice that should not be a "political hot potato," even for a divided Congress, Reuters reports.

"My sense is that Congress realizes this is an area where we can legislate and we ought to try," he told the summit.

"The House last year for the second time passed a bill designed to help companies and the government share information on cyber threats, but it fizzled in the Senate. It did not address industry standards and the Obama administration had threatened to veto it over privacy concerns as many Democrats sought a broader bill," Reuters said.

Efforts to pass cybersecurity legislation got second wind in Congress last month as leaders of the Senate Intelligence Committee drafted their own bill, now circulating among key stakeholders in hopes of avoiding disagreements that have thwarted passage in the past. The draft, from Senators Dianne Feinstein, a California Democrat, and Saxby Chambliss, a Georgia Republican, would offer liability protections and consider the possibility of data being shared not only with a civilian government agency but also military or intelligence agencies, said Reuters.

Besides the limited liability, Johnson said key components of any legislation would be updating the Federal Information Security Management Act; clarity on the authority that DHS has over government web operations; and clarity on what commercial firms should share with the government.

Microsoft’s Edna Conway, Chief Security and Risk Officer of Azure, will lead this session and provide a real-world, tangible approach to address security and resilience to support you in your journey to operational resilience.

Protecting employees from potential exposure could be a daunting task, but with the right property technology, your office space can become an interactive and responsive asset that helps you ensure new health protocol compliance.