House Homeland Security Leaders Said Close to Unveiling Cybersecurity Bill

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Alexei Alexis

Top Republicans on the House Homeland Security Committee are close to introducing long-awaited cybersecurity legislation, after extensive consultations with the private sector, Rep. Patrick Meehan (R-Pa.), one of the drafters, said June 4.

The bill is largely focused on addressing the Department of Homeland Security's role in helping U.S. companies combat cyberthreats, according to Meehan, who chairs the Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies.

“We're hoping to get to markup on this thing within the next few weeks in subcommittee,” Meehan said at an event sponsored by the Security Industry Association.

Data-Sharing Provisions Expected

The bill would codify the role of DHS as a central point for cyberthreat information sharing between the federal government and the private sector, according to Meehan. He said that he is developing the legislation with Rep. Michael T. McCaul (R-Texas), chairman of the full committee.

The recently circulated draft obtained by BNA would formally establish the department's already established National Cybersecurity and Communications Integration Center, which disseminates cyberthreat and vulnerability data, among other duties. In addition, the measure calls for industry “councils” to develop and coordinate the enforcement of cybersecurity guidelines for key U.S. sectors.

In April, the House passed a cybersecurity bill (H.R. 624) introduced by Reps. Mike Rogers (R-Mich.) and C.A. Dutch Ruppersberger (D-Md.), chairman and ranking member, respectively, of the House Intelligence Committee (12 PVLR 671, 4/22/13).

Although that bill addresses information sharing, Meehan previously told BNA that more work needs to be done on the role of DHS and its relationship with the private sector, which comes squarely under the jurisdiction of the Homeland Security Committee (12 PVLR 866, 5/20/13).

Broader Senate Bill Possible

Meanwhile, Sen. Thomas R. Carper (D-Del.), chairman of the Senate Homeland Security and Governmental Affairs Committee, has said he will work with Senate colleagues on both sides of the aisle to develop broader cybersecurity legislation that would support initiatives already moving forward under an executive order signed by President Obama in February.

The president's order directed the National Institute of Standards and Technology, a component of the Department of Commerce, to lead the creation of a framework consisting of voluntary cybersecurity standards for the nation's critical infrastructure owners and operators (12 PVLR 257, 2/18/13).

The order also required DHS to coordinate the development of a program to promote the framework. In addition, regulatory agencies were charged with reviewing existing cybersecurity mandates to determine whether they are sufficient.

 


Full text of Meehan's draft bill is available at http://op.bna.com/der.nsf/r?Open=tbay-98csys.