recommended reading

Administration excoriated for delay in proposing cyber plan

A Senate Democrat blasted the Obama administration for holding up passage of cybersecurity legislation that has been subjected to a more than yearlong interagency review process. At a congressional hearing on Wednesday, Sen. Sheldon Whitehouse, D-R.I., secured a commitment from the Homeland Security Department secretary, under oath, to provide him with a near-term deadline for finishing negotiations.

"We need input from the executive branch to sort out the differences between the different committees," he said at the Senate Judiciary Committee session. "There's no point in sorting it out if we don't know where the executive branch is going to stand. . . . We're kind of on hold now, waiting."

The chairman of the multiple Senate committees with jurisdiction over computer security have signaled they want to pass a comprehensive bill that would address 10 elements of cyberspace, among them the security of government networks; private sector incentives to protect commercial networks; safeguards against online identity theft; and law enforcement authorities to investigate cyber crimes.

Last year, the Senate Commerce and Homeland Security and Governmental Affairs committees proposed two differing measures. The HSGAC panel reintroduced its bill last month. At the same time, Judiciary Chairman Patrick Leahy, D-Vt., has indicated he wants to update digital privacy laws.

"In the legislative branch we are now probably a year into a stall in preparing the legislation that I think we urgently need in order to protect our country from a cyberattack," Whitehouse said.

DHS Secretary Janet Napolitano at first declined to say when the administration would finalize its legislative offer.

"You're the secretary of Homeland Security -- that's the central agency for cybersecurity other than the [National Security Agency], which provides the technical horses to everybody," Whitehouse responded. "You've gotta have a sense of how close this is."

After repeated grilling, Napolitano said: "I think it is fairly close, but I hesitate to give you a deadline because I don't know that there is one. . . . I understand and take your frustration to heart and will take it to the White House, and we will try to generate an answer for you."

Without cyber mandates, the administration has used its existing regulatory powers to create agency roles and responsibilities for protecting the nation's digital infrastructure. For instance, in October 2010, Homeland Security and NSA, which is part of the Defense Department, reached a compromise under which they have collocated equipment and staff at NSA to bolster civilian and military networks. And the Commerce Department in January opened an office to coordinate with the private sector on creating an online identification system that will let consumers, companies and software execute secure, online transactions.

Whitehouse, a former Intelligence Committee member, and Napolitano agreed administrative policies do not go far enough. For instance, Whitehouse noted, legislation would be needed to require secure domains, or Web addresses, for critical infrastructure -- systems that could cause catastrophes if disrupted. "I don't think that shuffling things around within the existing authorities is adequate," Whitehouse said.

For her part, Napolitano said she would like to see cemented into law distinct roles and responsibilities for each agency associated with cyber. "Clarity in terms of authorities and jurisdiction in this new and developing area always facilitates operations," she said. "lf we can work with the Senate and get to a bill that clarifies authorities and jurisdictions, I think that that would be very helpful."

Across the Capitol, House Republican leaders have made it clear they do not want a major package enacted. Rather, Rep. Mac Thornberry, R-Texas, who is coordinating cyber legislation in the House, is pushing committees to approve piecemeal measures. Thornberry, who also serves as the Armed Services vice chairman, said his priority is defending the country against major threats, such as foreign military capabilities in cyberspace.

Threatwatch Alert

Network intrusion / Software vulnerability

Hundreds of Thousands of Job Seekers' Information May Have Been Compromised by Hackers

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.


When you download a report, your information may be shared with the underwriters of that document.