House Homeland Security Committee Legislation
The House Homeland Security Committee is drafting legislation that will codify the cybersecurity roles and responsibilities of the Department of Homeland Security (DHS) as well as address other key aspects of cyber. This is the last of the cyber bills the House is expected to move through the chamber to complete its list of cybersecurity priorities. The committee is currently working with stakeholders to finalize its draft bill and is expected to introduce the bill in the coming weeks. At the same time, the Senate continues to have discussions with stakeholders and is expected to begin its legislative efforts in earnest in the next few weeks as well.
Supply Chain Working Group
The House Energy & Commerce Subcommittee on Communications and Technology recently launched a bipartisan working group focused on securing the components that make up the communications supply chain. The group will be co-chaired by House Intelligence Committee Chairman Mike Rogers (R-MI) and Subcommittee Ranking Member Anna Eshoo (D-CA). The working group will be holding stakeholder outreach meetings to gain an understanding of what steps can be taken to protect the U.S. telecommunications infrastructure from cyber threats.
Executive Branch Activity
U.S. and China Discussions on Cybersecurity
President Barack Obama is scheduled to meet with China’s President Xi Jinping this week in California to discuss cybersecurity, among other issues. Last week, a Department of Defense (DOD) Science Board report was leaked to the media that detailed how Chinese hackers had compromised the blueprints for a large number of critical weapons systems. While the Pentagon has defended the capabilities of its weapons systems and has taken steps to protect its resources from cyber criminals, cybersecurity is still a major concern of the Obama Administration and is likely to be discussed as part of the meetings with President Xi.
NIST Cybersecurity Framework
Last week, the National Institute of Standards and Technology (NIST) held its second workshop to discuss the “Cybersecurity Framework” that it was tasked with developing as part of the President’s February Executive Order (EO). NIST will be holding two more workshops during the weeks of July 15 and September 9 to gather feedback from stakeholders on the standards for critical infrastructure that will be included in the framework. According to the EO, a draft version of the framework is due in October and a final version should be released by February 2014.