The FISMA Focus IPD

From: FederalNewsRadio.com 1500AM

By Jack Moore

The pressing need for comprehensive cybersecurity legislation has led to widely divergent paths in the House and Senate. Lawmakers in the House have introduced a slew of bills, mostly favoring a more incremental approach.

However, the Senate took a different tack. Because the issue extends across a number of committees of jurisdiction, Senate Majority Leader Harry Reid (D-Nev.) directed the various Senate committees to work together on a single bill, the culmination of which is the bipartisan Cybersecurity Act of 2012.

But cyber legislation is just one of a number of key bills Congress must pass, either before the end of the fiscal year. And with election season fast approaching, some observers are setting low expectations.

Below, read highlights of recent cyber legislation and track their progress.

Cyber Intelligence Sharing and Protection Act (CISPA)

— Introduced by Rep. Mike Rogers (R-Mich.)

Highlights

• Allows the government to share cyber threat information with private companies and encourages private companies to share cyber threat data

• Allows the government to use shared cyber threat information to protect against cyber attack and to investigate cyber crime.

Status

• Passed by the House in a 248-168 vote

Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act of 2011 (The PrECISE Act)

— Introduced by Rep. Dan Lungren (R-Calif.)

Highlights

•Originally tasked the Homeland Security Department with developing mandatory security standards that private companies operating critical infrastructure, such as power companies, had to meet.

• To garner more Republican support, that provision was scaled back in favor of a voluntary system.

Status

•The pared-down version was approved by the House Homeland Security Committee in April. It awaits a full vote by the House

Strengthening and Enhancing Cybersecurity by Using Research, Education, Information, and Technology Act of 2012 (SECURE IT)

— Introduced by Sen. John McCain (R-Ariz.)

Highlights

• Does not give DHS new authority to enforce cyber safeguards, relies on voluntary approach by industry to share information
• Cyber threat information would be shared through existing federal cybersecurity centers run by the National Security Agency

Status

• Has been referred to the Senate committee on Commerce, Science and Transportation
• Reps. Mary Bono Mack (R-Calif.) and Marsha Blackburn (R-Tenn.) introduced a House version of the bill

Cybersecurity Act of 2012

— Introduced by  Sens. Joseph Lieberman (I-Conn.), Susan Collins (R-Maine), Jay Rockefeller (D-W.V.) and Dianne Feinstein (D-Calif.)

Highlights

• Expands the role of DHS in securing critical infrastructure by setting mandatory security standards

• Allows private entities to share cyber threat information with the government through cyber exchanges

Status

• Senate Majority Leader Harry Reid (D-Nev.) said he will hold floor debate in the Senate on the bill in early July

• Has been endorsed by the White House

Cybersecurity Enhancement Act of 2012

— Introduced by Rep. Michael McCaul (R-Texas)

Highlights

• Calls for federal agencies to create a strategic plan for cyber research and development
• Authorizes new appropriations to the National Science Foundation to issue grants
• Requires President to submit a report to Congress describing cyber workforce needs of the federal government

Status

• Passed the House in a 395-10 vote.

Federal Information Security Amendment Act of 2012

— Introduced by Reps. Darrell Issa (R-Calif.) and Elijah Cummings (D-Md.)

Highlights

• Updates the 2002 law creating the Federal Information Security Management Act
• Reasserts the role of OMB — as opposed to DHS — in developing and overseeing agency cyber guidance

Status

• Approved by the House in a voice vote