Cyber bill would reform FISMA, instate new DHS agency and appoint White House-level authority

January 25, 2011
Cyber Security, FedCyber Wire
No Comment

via Fierce Government IT

A controversial Internet security bill proposed in 2010 by Sen. Joe Lieberman (I-Conn.) could yet become law in the current session of Congress, said Jeff Greene, counsel on the majority staff of the Senate Homeland Security and Governmental Affairs Committee.

The bill, S.3480, “Protecting Cyberspace as a National Asset Act of 2010” is garnering early bipartisan support in the new Congress, Greene said during a Jan. 19 ACT-IAC meeting in Falls Church, Va.

“FISMA hasn’t necessarily worked out as well as we had hoped,” said Greene. “Current structures are disorganized, they’re decentralized, they’re inefficient and generally speaking, they’re fairly weak.”

Authorities must be streamlined, structured and formally codified with statutory authorizations, he said, and ideally, that would mean greater authority for the Homeland Security Department. Currently, DHS has no authority to direct cybersecurity regulations for the private sector.

Homeland Security should have an agency–much like the Federal Emergency Management Agency, Secret Service or the Transportation Security Administration–to protect the “dot gov” space, critical systems and critical infrastructure, said Greene. The DHS entity would enforce standards to be carried out by agency chief information officers and chief information security officers, he added.

Federal cybersecurity intervention in private sector critical infrastructure and systems–what some critics have called Lieberman’s “kill switch” proposal–would not be taken lightly, said Greene, and would follow the DHS infrastructure protection definition in case of a cyber attack.

Story here.