Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
Prioritizing U.S. cybersecurity responsibility under the DHS is one of House Committee on Homeland Security Chairman Michael McCaul’s main priorities, the Texas Republican told Bloomberg BNA.
McCaul’s efforts may help companies untangle the sometimes confusing array of federal departments and agencies when deciding where they should turn for help when a cyberattack strikes, and help alleviate uncertainty about how President-elect Donald J. Trump will address the issue. In any event, companies should be prepared for continued efforts to encourage cybersecurity threat information sharing with the government.
As it stands now, in the event of a cyberattack or other network intrusion on a U.S. company the Federal Bureau of Investigation, the National Security Agency, the Central Intelligence Agency, the Department of Homeland Security and even the U.S. Army may get involved depending on the specific threat actor, Rob Wilson, founder and CEO of corporate encryption company Secured Communications LLC in Los Angeles, told Bloomberg BNA.
McCaul said that “streamlining our domestic cyber efforts into a single, strong cybersecurity agency at the” DHS is a “top priority” throughout 2017. The refocus of domestic cybersecurity will help the DHS protect companies and U.S. citizens from debilitating cyberattacks, he said.
Even within the DHS, there are several components that address domestic cybersecurity, including the office of the secretary, the Secret Service and offices focused on international issues.
In 2016, McCaul introduced the DHS Reform and Improvement Act, H.R. 6381, which called for a centralized domestic cybersecurity and infrastructure protection agency within the DHS. The bill would have created a centralized cybersecurity agency to “lead national efforts to protect and enhance the security and resilience of the cyber and critical infrastructure.”
Although the measure stalled in the House Subcommittee on Biotechnology, Horticulture and Research, McCaul said he is poised to reintroduce the legislation in the next Congress.
Wilson, whose company provided encryption technology for the third 2016 presidential debate, said that the fact that a DHS reform and cybersecurity measure has been referred to at least 11 House committees and subcommittees shows that there are “too many cooks in the U.S. cybersecurity kitchen.”
The U.S. lacks a “clear voice” in domestic U.S. cybersecurity policy and that should rest with the DHS, he said.
But Cindy Cohn, executive director at digital rights advocacy group the Electronic Frontier Foundation, told Bloomberg BNA that digital security issues should “flow across many government agencies.” However, U.S.-based cybersecurity shouldn’t solely fall into the hands of the government, she said.
McCaul was also instrumental in getting the Cybersecurity Information Sharing Act (CISA) implemented as part of the Consolidated Appropriations Act.
CISA protects companies that share cybersecurity “threat indicator or defensive measure” with the government. Under CISA, private entities that “promptly” share their data with the government are granted immunity from any public or private cause of action.
The DHS is the best agency to continue oversight of the information sharing program because it is in the position to “address cybersecurity threats and facilitate information sharing between the government and private industry,” McCaul said.
The House homeland security panel chief said that he’ll continue to use his committee to oversee the information sharing initiatives because “if no one shares data, everyone is less secure and intrusions go undetected.”
A spokesman for House Committee on Homeland Security Ranking Member Bennie Thompson (D-Miss.) previously told Bloomberg BNA that the congressman supports continued oversight of the DHS to “ensure that the authorities and resources are being utilized in ways that enhance cybersecurity in the federal government and private sector.”
Cohn said that although cybersecurity threat information sharing may help companies combat cyberattacks, the program needs to be more transparent. Without more status reporting by the government, U.S. citizens may never know what kind of consumer data is being shared and whether the information is being used for proper purposes, she said.
Trump recently named retired Marine Corps Gen. John Kelly as DHS secretary. Kelly must still get Senate approval before he can take over the reins of the DHS from Secretary Jeh Johnson.
Although Kelly doesn’t have a strong cybersecurity background, he made progress in “strengthening regional cyber defense and information operations capabilities,” according to a 2014 House Armed Services Committee testimony.
McCaul, who serves as a Trump transition team adviser, said that “Kelly is a strong leader with an in-depth knowledge about the most crucial homeland security issues facing the United States.” It is imperative that when the U.S. faces “grave dangers from terrorists to cyber criminals” that there is a “steady, decisive Secretary at the helm.”
McCaul, whose name was floated as a possible pick for DHS secretary, said he looks forward to working with Kelly on “cybersecurity and other key homeland security issues.”
To contact the reporter on this story: Daniel R. Stoller in Washington at dStoller@bna.com
To contact the editor responsible for this story: Donald Aplin at firstname.lastname@example.org
Copyright © 2016 The Bureau of National Affairs, Inc. All Rights Reserved.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to email@example.com.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to firstname.lastname@example.org.
Put me on standing order
Notify me when new releases are available (no standing order will be created)