DHS Secretary Predicts U.S. Cyber Legislation this Summer

May 14, 2014

U.S. Homeland Security Secretary Jeh Johnson says that Congress is likely to agree on cybersecurity legislation this summer.

"My sense is that there's an effort to try to get something done this summer," Johnson told the Reuters Cybersecurity Summit, adding that he has discussed the matter with members of both the House of Representatives and the Senate. "I've seen a fair amount of activity coming from both the House and the Senate and a real bipartisan desire to get something done," he said.

Johnson, who replaced Janet Napolitano as homeland security secretary in December, said tightening cybersecurity standards was "a good government, good business" practice that should not be a "political hot potato," even for a divided Congress, Reuters reports.

"My sense is that Congress realizes this is an area where we can legislate and we ought to try," he told the summit.

"The House last year for the second time passed a bill designed to help companies and the government share information on cyber threats, but it fizzled in the Senate. It did not address industry standards and the Obama administration had threatened to veto it over privacy concerns as many Democrats sought a broader bill," Reuters said.

Efforts to pass cybersecurity legislation got second wind in Congress last month as leaders of the Senate Intelligence Committee drafted their own bill, now circulating among key stakeholders in hopes of avoiding disagreements that have thwarted passage in the past. The draft, from Senators Dianne Feinstein, a California Democrat, and Saxby Chambliss, a Georgia Republican, would offer liability protections and consider the possibility of data being shared not only with a civilian government agency but also military or intelligence agencies, said Reuters.

Besides the limited liability, Johnson said key components of any legislation would be updating the Federal Information Security Management Act; clarity on the authority that DHS has over government web operations; and clarity on what commercial firms should share with the government.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

The security ecosystem protects digital assets, physical assets, and people - the newly distributed workforce creates new and increased physical and cybersecurity risks. Situational and security awareness is a role every employee must play, and you’ll help get them there with awareness, cybersecurity hygiene and security practices that help keep company, employee and customer information safe.

Security Magazine

2020 August

This month in Security magazine, we examine how physical security leaders are being propelled into a unique position of revenue preservers and risk managers for their businesses. In addition, we profile Scott Ashworth, Director of Security for Atlanta United. Also, security leaders discuss how to develop cybersecurity careers, election security, data protection strategies, measuring and reporting security operations maturity and more!

View More Create Account

DHS Secretary Predicts U.S. Cyber Legislation this Summer

Related Articles

Related Products

Report Abusive Comment